Hostname and SSL certificates
Haplo is hosted on an address under your institution’s domain. This needs to be delegated to the Haplo hosting infrastructure, and SSL certificates provided and renewed throughout the life of the contract.
1) Choose hostname
Choose a suitable hostname for your application. As you are likely to be using the application for multiple purposes, it’s often desirable to use a fairly generic hostname.
For example, if your domain is example.ac.uk, most of our customers would choose to host their application on research.example.ac.uk.
2) Delegate hostname in DNS
After you have chosen your hostname, your Haplo contact will provide you with a target hostname on the Haplo infrastructure. You should add a CNAME record to your DNS which aliases your chosen hostname to the Haplo target hostname.
3) Provide SSL certificate
Please review the SSL certificate policy below.
Haplo will generate the private key and provide you with a Certificate Signing Request (CSR). Please purchase an SSL certificate using this CSR, and send it back to Haplo using the Send file feature of your Project Room.
4) Set up processes for renewal
Every year Haplo will generate a new private key and send your support contact a new CSR. You’ll need to purchase a new SSL certificate before the current certificate expires.
You must obtain a new CSR from Haplo each year. Certificates which are generated using a previous CSR will reuse the private key, and cannot be accepted.
Test and development environments
Your non-live environments use hostnames under a Haplo domain. You will only be asked to set up DNS and provide SSL certificates for the live environment.
SSL certificate policy
- Haplo must generate the private key. We cannot accept SSL certificates where the private key has been generated by the institution or a third party.
- The validity of the certificate should be no more than one year.
- New private keys must be generated each time the certificate is renewed.
- Any public CA may be used.