SYOC Configuration and Renewal ProcessSYOC Configuration and Renewal ProcessSYOC provides option to bring your own certificate for the custom domain. Infrastructure security tools to generate your own certificate signing requests, which can be signed by the certificate authority of your choice. Then, you can use the tools to upload the signed certificate to your instance's load balancer.It is supported from Sandiego and later versionRole Required: AdminDependency: Ensure custom domain is cname to instance.service-now.com Customurl will be revoked if it exists for the domain Renewal: Follow same process of generate CSR and upload certificate from STEP 3 You can request SYOC(Sign Your Own Accept) by following these steps: Install the plugin com.glide.infrastructure_security. Plugins à Infrastructure Security Settings --> installCustomer can choose from available list of ciphers under from TLS settings for custom domain Generate a Certificate Signing Request (CSR) by following steps Navigate to All > Infrastructure Security Settings > Generate CSR.Add one or more domains to your request. Select the Add button under the Domains heading.In the pop-up window, enter the domain and select OK.Repeat these steps as needed to add more domains. Note: Domains can be removed by selecting the X button to the left of each domain entry. Enter any information that you want included in your request inSelect Submit.After selecting Submit, your instance will generate the certificate signing request. The request appears in the Generated CSR field. Customer will work with the certificate vendor to procure the certificate, by copying the generated CSR and submitting it to the vendor Note: Ensure the Organization, Organizational Unit country state Locality is matching between CSR and Cert.You can cross validate by using below commands or some external site. Reading CSR : openssl req -in mycsr.csr -noout -text Reading Cert openssl x509 -in certificate.crt -text -noout Match hash values openssl x509 -in certificate.crt -pubkey -noout -outform pem | sha256sum openssl req -in CSR.csr -pubkey -noout -outform pem | sha256sum 5. Upload the generated certificate into the instance by following below steps Select Infrastructure security setting then select Upload certificate.In 1st text box you need to copy the public certificate (open the certificate in notepad, copy text from begin to end certificate and paste the text).In 2nd table copy the intermediate.pem certificate(open the intermediate.pem in notepad, copy text from begin to end certificate and paste the text).If there is root certificate you can paste intermediate and after that root certificate In same tab Now click on submit.Note: The details given while generating the CSR and while generating the certificate should be same. If not you might encounter certificate validation errors.