Prerequisites for Setting Up Secure Domains

This topic applies to

Applies to

Commerce Web Stores



On Site Builder websites using the latest version of Google Chrome browser, a security warning message might be displayed stating that the connection is not secure. Google has made modifications to Chrome to display the Not secure warning message if the website visitor enters data on an HTTP page outside Incognito mode, and on all HTTP pages visited in Incognito mode. The shopping pages on Site Builder websites use HTTP connections causing the warning message to be displayed. You can safely ignore this warning message as the Login and Checkout pages on Site Builder websites use HTTPS connections and experience no security risk.


While it is possible to create secure HTTPS shopping domains using a third party Content Delivery Network (CDN) provider, this usage is not supported by NetSuite. Site Builder considers all shopping domains as HTTP and this can be incompatible with third party HTTPS shopping domains. For example, Site Builder always generates absolute URLs with HTTP prefix for files that are linked to using <link href="">. When these absolute HTTP URLs are used with third party HTTPS shopping domains, security warnings may be displayed.

To set up a secure shopping domain, a single secure domain for shopping and checkout, or a custom checkout domain, you first need to acquire an SSL certificate. Complete the following steps to do this:

  1. Purchase Domains and SSL Certificates

  2. Download and Install OpenSSL

  3. Create a Private Key for your Certificate

  4. Generate a Certificate Signing Request (CSR)

  5. Submit your CSR

  6. Retrieve your Certificates

  7. Upload your Certificate Files


You can purchase an SSL certificate from the certificate authority of your choice as long as it meets the restrictions listed in the topic Purchase Domains and SSL Certificates. For a list of certificate authorities, see the Mozilla Included CA Certificate List. You can purchase certificates from providers not listed in the Mozilla Included CA Certificate list, however, they may not be trusted by all web browsers or by the NetSuite application.