Namecheap (SSL)

Integration setup

Integration is configured in the process of creating a service processing module in BILLmanager.

To create a service processing module, enter Integration → Processing modules → click Add. The processing module adding wizard consists of the following steps:

Product type: select "SSL certificates".
Processing module: select "Namecheap".
Integration settings. Specify the data for integration:
Complete the form using the details of an existing client in the handler's system:
1. Username — username in Namecheap system;
2. API user — username for access to API;
3. API key — key for access to API;
4. BILLmanager IP — IP-address from where requests to Namecheap will be sent;
5. Sandbox — use testing access for test requests.
Activate the Add New Client option to display a link to register with the handler's system.
Processing module parameters. Configure internal (within BILLmanager) parameters of the service processing module:
1. Name — specify the name of the processing module to be displayed in the BILLmanager interface.
2. Department — select the department to which tasks from the processing module will be assigned.
3. Sort — specify the processing module’s priority. If more than one processing module is connected to a tariff plan, the processing module with the lowest priority is selected first when creating the service.
4. Processing module minimal balance — specify the minimum amount on the personal account in the system to purchase services. For more information, see Processing Module Balance.

Connection test

On the last step, BILLmanager tries to connect to the registrar with the data you have specified.

If connection ends up with the error: Cannot connect to the processing module, we recommend to check that:

connection data is correct;
the URL address of the certification authority is accessible from the server with BILLmanager;
you can execute API calls from the IP address of BILLmanager from your account in the certification authority.

SSL certificate validity periods

Starting from 2026 new rules of the CA/Browser Forum organization come into effect, limiting the maximum validity period of SSL certificates. This is done to enhance security. The platform is adapted to work with these changes.

Start date of changes	Maximum certificate validity period	Validation Reuse period
March 15, 2026.	200 days	DV — 200 days; OV/EV (SII) — 398 days.
March 15, 2027.	100 days	DV — 100 days.
March 15, 2029.	47 days	DV — 10 days.

Where:

DV — domain validation (Domain Validation);
OV — organization validation (Organization Validation);
EV — extended validation (Extended Validation);
SII — subject information(Subject Identity Information).

Subscribing to SSL certificates

Due to the reduction of certificate validity periods, certificate authorities offer an SSL subscription model. This allows purchasing a certificate for a long period (for example, for 1–5 years), while the technical certificate will be reissued automatically in accordance with the new rules (every 200, 100, or 47 days).

With a multi-year subscription, you pay for the certificate several years in advance and reissue it annually. In the client area, two different dates are displayed for such a certificate:

Expiration date — the expiration date of the current certificate (according to CA/Browser Forum rules);
Paid until — the expiration date of the paid subscription period.

For example, your client orders and pays for an SSL certificate April 02, 2026. for 5 years. After successful processing, two fields are displayed for this certificate in the client area: Expiration date and Paid until. The field Expiration date will show the date October 19, 2026 — the date until which the current certificate is valid. The field Paid until will show the date April 02, 2031. — the expiration date of the paid period. Each year during this period, platform will automatically perform an action according to the settings:

send a notification about the need for reissue;
reissue the certificate for the next year.

If the certificate is purchased for one year, the field Paid until remains empty.

Setting up a reissue policy

You can configure the SSL certificate reissuance policy:

via the platform interface. In the main menu, go to Products → Product types → SSL certificate → button Edit → block Subscription:
- Expired certificate processing policy — select one of the options:
  - Automatic certificate reissue — default value;
  - Certificate expiration notification — a notification is sent to the client about the expiration of the current certificate. To set the notification template, in the main menu go to the section Settings → Message templates;
- Period to start working with expiring certificate — specify how many days before the certificate expiration the policy should be triggered. Default value — 10, maximum value 200.
using the configuration file /usr/local/mgr5/etc/billmgr.conf. Use the options:

- Option SSLSubscriptionPolicy — specify to configure the certificate processing policy within the subscription. Values:
  - auto — certificate reissuance is triggered automatically. Default value;
  - manual — a notification is sent to the client about the expiration of the current certificate. To set the notification template, in the main menu go to the section Settings → Message templates;
  - none — no actions are performed;
- Option SSLSubscriptionBefore — the value determines how many days before the certificate expiration the Option SSLSubscriptionPolicy policy should be triggered. Default value — 10, maximum value 200.

Logging

Log of interaction between Namecheap and the billing platform is recorded in file /usr/local/mgr5/var/pmnamecheap.log.

You can add string "pmnamecheap.* 9" to file /usr/local/mgr5/etc/debug.conf to display more information in the log.