# Integrating GoDaddy Certificate Authority with Key Manager Plus Cloud Key Manager Plus Cloud facilitates integration with GoDaddy SSL certificate authority (CA) and helps you achieve an end-to-end life cycle management of GoDaddy certificates installed on your domains from a single interface. This document explains the steps to establish connection with the GoDaddy account, acquire, deploy, renew and perform all certificate management-related operations from Key Manager Plus Cloud. Follow the steps below to integrate GoDaddy with Key Manager Plus Cloud: 1. [Configure GoDaddy API Credentials in Key Manager Plus Cloud](#configure-godaddy-api-credentials-in-key-manager-plus-cloud) 2. [Import Existing Certificate Orders](#importing-existing-certificate-orders) 3. [Creating New Certificate Orders](#creating-new-certificate-orders) 4. [Checking Order Status](#checking-order-status) 5. [Managing Certificates Issued by GoDaddy CA](#managing-certificates-issued-by-godaddy-ca) ## 1. Configure GoDaddy API Credentials in Key Manager Plus Cloud To begin managing certificate lifecycle issued by GoDaddy CA from Key Manager Plus Cloud, set up connection with your GoDaddy account initially by providing the API key details generated from the website. To generate your API key: 1. Open the [GoDaddy developer portal](https://developer.godaddy.com/) on your web browser and switch to the **API keys** tab. 2. Log in to your GoDaddy account if you have not logged in already. 3. Once you log in, you will be redirected to the API keys page where you can create and manage API keys. Click **Create New API Key**. 4. Provide the application name, select **Production** as the environment type, and click **Next**. 5. The API key and its secret are generated. Copy and save the secret in a secure location as it cannot be viewed again. 6. Under **Login Info**, you can find your GoDaddy Customer Number. Copy and save it as you need it when configuring the GoDaddy account in Key Manager Plus Cloud. 7. Now, go to Key Manager Plus Cloud interface and navigate to **Integrations >> Public CA Integrations >> GoDaddy**. 8. Click **Account** at the top-right corner of the page. ![ca-godaddy-1](https://cdn.manageengine.com/sites/meweb/images/key-manager/help-cloud/ca-godaddy-1.png) 9. Enter the **Key** (API key), **Secret**, and **Customer Number** in the pop-up dialog box that appears and click **Save**. The key details are stored in Key Manager Plus Cloud. The account configuration is a one-time process. So, there is no need to provide the API details every time while placing a certificate order. ## 2. Importing Existing Certificate Orders Key Manager Plus Cloud facilitates users to import the already existing certificate orders placed within their account from GoDaddy and track their statuses. Follow the steps below to import the existing certificate orders from GoDaddy to Key Manager Plus Cloud: 1. Navigate to the **Integrations >> Public CA Integrations >> GoDaddy** tab. 2. Click **More >> Import Existing Orders** from the top menu. ![ca-godaddy-2](https://cdn.manageengine.com/sites/meweb/images/key-manager/help-cloud/ca-godaddy-2.png) 3. In the pop-up dialog box that appears, choose to exclude the expired and revoked certificates. 4. Click **Import** to complete the process. Now, the GoDaddy certificates from the imported orders will be added to the inventory. ## 3. Creating New Certificate Orders To create new GoDaddy certificate order request from the Key Manager Plus Cloud interface, follow the steps below: 1. Navigate to **Integrations >> Public CA Integrations >> GoDaddy**, and click on **Order Certificate**. 2. In the form that appears, enter the **Common Name** and select the **Generate New Key** option for the certificate order. 3. **Enter** or **Generate Keystore Password** and fill in the **Requester Contact Details**. 4. After filling out the required details, click **Create** to create the certificate order. ![ca-godaddy-3](https://cdn.manageengine.com/sites/meweb/images/key-manager/help-cloud/ca-godaddy-3.png) ### Additional Details - In addition to importing certificates, Key Manager Plus Cloud provides options to import an already existing private key / CSR file when creating new certificate orders. - When raising certificate requests from Key Manager Plus Cloud, users can only raise as many requests as the number of set-up certificates purchased from GoDaddy. Once you have created new certificate orders, validate your ownership of the domain by fulfilling certain challenges put forth by GoDaddy CA. The challenge IDs are mailed to the requester's and domain administrator's email IDs. For detailed information, refer to [this document](https://www.manageengine.com/key-manager/help-cloud/ssl-integrations-dcv.html). ## 4. Checking Order Status After performing the operations on your domain server and submitting for domain validation, navigate to **Integrations >> Public CA Integrations >> GoDaddy** in Key Manager Plus Cloud, select an order from the available list and click **Check Issue Status** from the top menu. If your domain verification is successful, GoDaddy issues the certificate which is fetched by Key Manager Plus Cloud and is added to the centralized certificate inventory. ![ca-godaddy-4](https://cdn.manageengine.com/sites/meweb/images/key-manager/help-cloud/ca-godaddy-4.png) ### Caution The certificate is automatically added to Key Manager Plus Cloud only when the license count is not exceeded. If so, renew your Key Manager Plus Cloud license and then attempt to add the issued certificate to the inventory. ## 5. Managing Certificates Issued by GoDaddy CA Key Manager Plus Cloud allows administrators to renew, revoke, request reissue of certificates, cancel certificate orders, and delete certificate orders of GoDaddy certificate authority. ### 5.1 Canceling a Certificate Order To cancel a certificate order from Key Manager Plus Cloud, follow these steps: 1. Navigate to **Integrations >> Public CA Integrations >> GoDaddy**. 2. Select the required certificate from the list and click **More** from the top menu. 3. Select the **Cancel Order** option from the drop-down list. 4. In the pop-up that appears, confirm canceling the certificate order. ### 5.2 Renewing a Certificate Users can renew a GoDaddy certificate either manually or automate the process. #### 5.2.1 Manual Certificate Renewal To renew the desired certificates manually, perform the steps that follow: 1. Navigate to **Integrations >> Public CA Integrations >> GoDaddy**. 2. Select the required certificate and click **Renew Certificate** from the top menu. ![ca-godaddy-5](https://cdn.manageengine.com/sites/meweb/images/key-manager/help-cloud/ca-godaddy-5.png) 3. In the window that appears, select the **Key** type and enter the required details to renew the certificate. 4. You have to prove your ownership of the domain before every renewal by fulfilling the challenges put forth by GoDaddy CA. The challenges are mailed to the requester's and domain administrator's email IDs. Upon successful validation, the certificate will be issued and automatically added to Key Manager Plus Cloud. #### 5.2.2 Automated Certificate Renewal To configure the auto-renewal process for the desired certificates, perform the steps that follow: 1. Navigate to **Integrations >> Public CA Integrations >> GoDaddy** and click **Auto-Renewal** from the top pane. 2. On the page that appears, enable the **Auto-Renew** button. ![ca-godaddy-6](https://cdn.manageengine.com/sites/meweb/images/key-manager/help-cloud/ca-godaddy-6.png) 3. Enter the number of days before expiry in which the auto-renewal process is to be carried out. 4. Select the desired certificates that are to be auto-renewed. 5. Select the **Algorithm Length, Keystore Type, Root Type,** and **Period** for the newly renewed certificate and click **Save**. ### Best Practice It is advised not to attempt to renew the orders that are configured for auto-renewal. Based on the configured details, the auto-renewal process will be carried out. Click **Auto-Renewal Audit** at the top-right corner of the page to get insights about the certificates renewed through the auto-renewal process. ### 5.3 Reissuing a Certificate To reissue the required certificates, follow the steps below: 1. Navigate to **Integrations >> Public CA Integrations >> GoDaddy**. 2. Select the required order and click **Reissue Certificate** from the top menu. ![ca-godaddy-7](https://cdn.manageengine.com/sites/meweb/images/key-manager/help-cloud/ca-godaddy-7.png) 3. In the window that appears, choose the **Key** type and enter the required details. Click **Reissue**. 4. Here again, you have to prove your ownership of the domain by fulfilling the challenges put forth by GoDaddy CA. The challenges are mailed to the requester's and domain administrator's email IDs. Upon successful validation, the certificate will be reissued and automatically added to Key Manager Plus Cloud. ### 5.4 Revoking a Certificate To revoke the certificates, follow the steps below: 1. Navigate to **Integrations >> Public CA Integrations >> GoDaddy**. 2. Select the required order and click **More >> Revoke Certificate** from the top menu. 3. In the pop-up window that appears, select a reason to revoke from the dropdown and click **Revoke**. ![ca-godaddy-8](https://cdn.manageengine.com/sites/meweb/images/key-manager/help-cloud/ca-godaddy-8.png) Now, the certificate will be revoked. ### Caution Revoking a certificate will remove the certificate as well as the corresponding SSL bought from GoDaddy website, and users cannot request another certificate for the same SSL. So, it is advised to use "Reissue" instead of "Revoke". ### 5.5 Deleting a Certificate Order Request To delete a certificate order request from Key Manager Plus Cloud, follow these steps: 1. Navigate to **Integrations >> Public CA Integrations >> GoDaddy**. 2. Select the required order from the list. 3. Click the **More** dropdown from the top pane. 4. Select the **Delete** option from the drop-down list and confirm your action in the pop-up that appears. ### Additional Detail To delete the certificate issued by GoDaddy from Key Manager Plus Cloud, switch to the **SSL >> Certificates** tab and delete the certificates.