RSM require a subdomain to be created for the purpose of InTime users logging into InTime. Each of our clients have their own unique subdomain and SSL certificate where their version of InTime can be accessed from. This allows you to have a URL of your choice, such as 'timesheets.youragency.co.uk'. It also allows your instance of InTime login page to be branded with your logo (see image below). You can then use a URL link, embedded in your website, to direct the user to that sub domain (your version of InTime).
Once you have chosen a subdomain name, you will need to request for your website provider to create the domain for you. Your website is then required to be protected with an SSL certificate.
Every InTIME InTime system needs to be secured with an SSL certificate for security purposes, the support team at RSM would have previously needed to provide a CSR (Certificate Signing Request) to you so that an SSL could be ordered. We have now added functionality to the system to allow you to start and complete the SSL order process via the InTIME InTime system. You will now see a new option within Administration Settings > System Configuration > SSL ConfigurationCertificate
You will then see the following screen:
You will see instructions on the right hand side of the screen which details the steps to complete the order, however the areas are outlined below that require your attention:
...
• Upon completion of these steps the site will be secure and can be accessed via the https protocol.
Certificates and Web Site Security
...
The most common use of certificates is for HTTPS-based web sites. A web browser validates that an SSL (Transport Layer Security) web server is authentic; so that the user can feel secure that their interaction with the web site has no eavesdroppers and that the web site is who it claims to be. This security is important for electronic commerce. In practice, a web site operator obtains a certificate by applying to a certificate provider with a certificate signing request. The certificate request is an electronic document that contains the web site name, contact email address, and company information. The certificate provider signs the request, thus producing a public certificate. This public certificate is served to any web browser that connects to the web site and proves to the web browser that the provider believed that the provider issued a certificate to the owner of the web site. Before issuing a certificate, the certificate provider will request the contact email address for the web site from a public domain name registrar, and check that published address against the email address supplied in the certificate request. Therefore, an https web site is only secure to the extent that the end user can be sure that the web site is operated by someone in contact with the person that registered the domain name.