This document contains the necessary steps required to onboard into the Invotra environment from a technical perspective. This will cover the following:

  • Configuring the domain
  • Configuring the SSL Certificate

Please note, these steps will need to be completed before configuring Single Sign On with your Identify provider.


If you would like to manage your own Domain name, resolve to the hostname below using a CNAME:

[invotra CNAME endpoint]

Otherwise Invotra can create a new domain name for your invotra service, e.g:

SSL certificate

In order to enable TLS for the new domain name, we will need to terminate the SSL certificate on our Load balancer in Amazon Web Services (AWS). We support two of the following options:

– Wildcard certificate

If your organisation uses a wildcard certificate for your domain name, that can be provided to a member of the assigned Invotra technical contact assisting you with the onboarding process. When you export the SSL Cert and the corresponding key please choose the Apache option. 

– Request new certificate

If your organisation has a requirement to create a new SSL Certificate, we will need to complete the following steps:

1. You or your technical resource to provide the following details for us to generate a new CSR:

     -Country Name (2 letter code):
     -State or Province Name (full name):
Locality Name (eg, city):
Organisation Name (eg, company):
Organisational Unit Name:
Common Name:
Email Address: 

2. We will generate the CSR and provide to your technical contact

3. Your technical contact will generate a new SSL cert using the CSR provided using your preferred certificate authority

4. The SSL certificate is provided to Invotra and configured on the AWS Load balancer where SSL is terminated


Leave a Reply