If you’re creating a custom domain and need assistance purchasing and creating SSL certificate(s) and key files, the articles from Amazon Web Services (AWS) are a great place to start:

You will need a SSL certificate that contains a common name matching the domain you would like your portal to live at. For example, if your portal should live at refer.yourcompanyname.com, you would want a SSL certificate with that common name. You could also purchase a wildcard certificate for *.yourcompanyname.com.
​ 
When creating your private key and certificate signing request, please ensure that the size of the key is no greater than 2048 bits.
​  

Depending on where you get them from, the files that you receive from the Certificate Authority may vary. The Certificate Authority that issues your certificate may also include several intermediate certificates. These may be included in one file or in separate files when uploading your SSL information.
​ 
File types range from .cer to .crt for certificates, and public or private versions of the key. Files may also come in bundles such as .pkcs12 or .pfx. Please note, we currently only accept unbundled files in .pem or .crt formatting for certificates, and private rsa format for the key.
​ 

An easy way to tell that your files are in the proper format is to open them in a text editor, you will then look for the following. Please note, any other prefix or suffix wrapping the certificate or key chains than what is shown below will not be accepted by our system.
​

For any further questions about the different types of certificate and/or key file types and how to convert them, check out this external resource with more information.
​ 
​ 
​ Other support articles you may be interested in: