To ensure that the information sent between Zapier and HireTrack NX is secure the connection is made over https - the same protocol used when connecting to your bank. Unfortunately to benefit from this security involves using a security certificate to prove who you are.
If you don't already have a suitable certificate, then the steps below will walk you through purchasing a suitable one for about £20/$20.
Although it may seem complicated and use unfamiliar terminology, it's actually quite easy as long as you follow each step carefully, and should take no longer than about 15 minutes.
The explanation below assumes that you are using a Windows 10 PC, if you're using a different version of Windows or a Mac then the screens shown will be slightly different.
The first thing required is a Certificate Signing Request (csr), which is simply a specially formatted file containing information about who you are.
- From Microsoft Windows, click Start.
- In the Search programs and files field or Run, type mmc.
- Click File > Add/Remove Snap-in.
- From the list of available snap-ins, select Certificates.
- Click Add.
- Select Computer account.
- Click Next.
- Select Local computer (the computer this console is running on).
- Click Finish.
- In the Add/Remove Snap-in window, click OK.
- Save these console settings for future use.
- Access your MMC snap in > right click the Personal folder.
- Select All Tasks > Advanced Operations > Create Custom Request.
- The CSR generation wizard will open > Click Next.
- Select the option to Proceed without enrollment policy > Click Next.
- Click Next at the PKCS # 10 window.
- From the Details drop down menu > Click Properties.
- Enter a Friendly Name of your choosing.
- Access the Subject tab.
In this tab, locate the Subject Name box and within that the Type: dropdown.
Firstly drop down and select "Common Name", in the Value box, type in the web address that Zapier to use to connect to the HireTrack Integration service - this will be the domain name you set up with your Internet provider, something like zapier.mycompany.com
Double check this is correct and there are no typos. If you apply for a certificate with an error here, the certificate will not work.
The click the Add > button.
which will transfer the setting to the box on the right hand side.
Repeat this, next selecting Organization then Locality, State and finally Country.
The Organization is who you are e.g Navigator Systems Ltd
The Locality is the town or city you are based e.g Bath
The State is the full name of the state or county (no abbreviations) e.g Somerset
The Country is the two character ISO code. For the UK, this is GB. A full list can be found here.
Note: that when entering the Organization value only letters and numbers are permitted, so if your company name includes a symbol, it must be spelled out in full e.g Jones & Sons should be entered as Jones and Sons
This will end up with something like this
Click Apply. - Click the Private Key tab > click the drop down for Key options > select Key size: 2048 and check the option to Make private key exportable.
- Click the drop down for Select Hash Algorithm, under Hash Algorithm select sha256 > Click OK.
- Click Next then Click the Browse... button
- Select a location to save the CSR file. Enter a name for the file and click Save. We suggest calling it zapier_csr.txt and saving it in your My Documents folder.
- Click Finish.
- The CSR file will be present at the location you saved and can be used to request a code signing certificate.
If you want to view the contents of the CSR, to check it's correct, if you open the file in notepad you will see something like this, which doesn't make much sense to a human, however you can copy this code and paste it in to the box on this web page https://www.sslshopper.com/csr-decoder.html
where it will be decoded to something readable by you. - The next stage is to order your certificate, there are many places on the internet where you can buy certificates. We recommend https://www.thesslstore.com/comodo/positivessl.aspx who pay us a small commission on each order, which allows us to offer support on this process if required. This is the simplest certificate currently available, so doesn't offer some of the features of more expensive certificates, but does everything we need.
Make sure that the "Want Us to Install?:" option is set to NO and click on the Addto Cart button
On the next screen enter your billing details and credit card info and then click continue, which will move you to the complete order stage
If the order is successful then the next stage is to generate the certificate.
Move your mouse over the Red Begin button and it will change to a Go buton
This will open the CSR wizard.
Step One - select NEW
Step Two - Select NO
Step Three - this is where the certificate issuer validates that you have control of the domain you are purchasing a certificate for.
The simplest way is via email - a confirmation link will be sent to one of the pre-authorized email addresses i.e
- admin@yourdomain.com
- administrator@yourdomain.com
- webmaster@yourdomain.com
- postmaster@yourdomain.com
- hostmaster@yourdomain.com
There are other ways to prove you control the domain, but they require a more technical understanding, so for most users the email option is the simplest.
Paste the CSR data (from step 25 above) in to Section 4
Sections 5, 6 & 7 can be ignored (answer No to all three is acceptable)
Section 8, select OTHER
Then Press the button. The SSL store will now ask you to confirm that the details are correct.
and select the email address that you want to confirmation link to be sent to (you may need to press the Retrieve All Emails button first).
and enter your contact information
and finally agree to the Terms & Conditions
and press the button.
Your order will be submitted and confirmed.
27. You should shortly receive an email
Click on the link and enter the validation code supplied
Click NEXT >
If everything has been entered correctly, the confirmation message will be displayed.
28. After a while you'll receive an email containing your certificate as a zip file
29. Save and Open the zip file, you should see something like this
which is our certificate zapier_navigator_co_uk and three other certificates which are used to prove that our one is valid.
30. Assuming that you're on a Windows PC, double click on the zapier_navigator_co_uk.crt file
This will open the Windows certificate manager
and click on the Install Certificate... button.
When the wizard pops up, choose Local Machine .
Let Windows select the certificate store.
Click NEXT and then FINISH
31. We now need to export the certificate in to a format suitable to the Zapier Integration
- From Microsoft Windows, click Start.
- In the Search programs and files field or Run, type mmc.
- Click File > Add/Remove Snap-in.
- From the list of available snap-ins, select Certificates.
- Click Add.
- Select Computer account.
- Click Next.
- Select Local computer (the computer this console is running on).
- Click Finish.
- In the Add/Remove Snap-in window, click OK.
- Save these console settings for future use.
- Access your MMC snap in > double click the Personal folder and then the Certificates folder.
- Right Click on the certificate you just installed and select All Tasks > Export
- When the Wizard pops up, select Yes, export private key
- Click Next and then select the same options as shown below
- Click Next. Select Password and enter password. This password will encrypt the certificate and you will need it again shortly.
- Click Next and the click the browse button to choose a location to save the exported certificate. We recommend using a filename that represents the domain. Make sure you Save as type Personal Information Exchange (*.pfx).
Make a note of where you save the file - a copy will be needed on the computer acting as the integration server. - You're now ready to install the HireTrack NX Integration Service and configure it for use with Zapier.
Comments
3 comments
I purchased one of these certificates from the SSL Store last June. It will expire this June, and I'm trying to figure out what I need to do in order to renew the certificate. My hosting company is Bluehost, and their site says that it will renew via AutoSSL automatically. However, when I speak to their customer service, they basically say yes, no, yes, no, yes, no, yes, no, yes. So now I'm really confused. They point to the fact that it is a 3rd party certificate as one reason why it won't. They also say that since it isn't pointed to their IP (the A-Record reroute needed for Zapier), it won't renew. But then in the same breath, they also say that AutoSSL will renew it automatically. Does anyone up here have any insight on this?
Keith Boreham The process will vary based on the vendor from whom you purchased the certificate. You will likely get a renewal email from the CA (Certificate Authority) starting one month out from when your cert expires. This should have the exact instructions on how to renew. It will not auto-renew, that you can be certain.
If the certificate was in use on a Bluehost server and protecting something within their ecosystem (such as a website hosted by them) then autorenewal could be possible. However, that is not the case and you are using the certificate on third-party software (HireTrack) and there is no auto-renew feature built into HireTrack.
The steps to renew should be minimal and may consist of clicking a link on an email the CA sends you, and verifying your identity on their website, and then download the new copy of your certificate with a new expiry date. Then you would need to swap out the CRT file on the machine running the HireTrack integration server.
Hope this gives you some more information and insight into the process.
That is precisely the explanation I was looking for. Thanks Chad!
Please sign in to leave a comment.