What do I need to order a SSL Certificate for a client?
To order a SSL Certificate you will need the following:
1. An unique IP address for the domain name that willl use the certificate
2. A CSR (Certificate Signing Request ) generated from the server that will use the SSL certificate
- to generate the CSR you must supply company information, like the official address, e-mail and the Common Name (domain name).
What is the validation procedure?
The validation procedure depends on the validation method of the certificate.
For Domain Validation (DV certificates) an e-mail will be send to the Approval E-mail address specified in the order form. This Approval E-mail address has to be related to the domain name, like firstname.lastname@example.org or an e-mail address specified in the WHOIS information of the domain name.
For Organisation Validation (OV certificates) also an e-mail will be send to the Approval e-mail address (see above) but in addition the company details have to be validated, this is usually done by checking the company details with the Chamber of Commerce and by demanding an ID (passport, drivers license) from the contact person listed in the order form (this can be send by fax).
How do I choose the right certificate?
Each certificate guarantees a secure (encrypted) connection. The differences between the various certificates involve extra options like; securing several domain names or subdomain names, certificates with mobile support or certificates that support older browsers. Thus, better-known brands ensure greater confidence. To help you choose the right certificate we have developed a wizard. By answering a few questions the wizard will provide you with a list of certificates that match best with your situation. Read our specific SSL pages for more information about the different brands and validation methods .
Will a SSL Certificate automatically be renewed?
No it will not. A SSL Certificate is only valid for a certain period of time. The Control Panel displays the expiry date of the certificates and you will get a warning when the expiry date is getting near. To renew your certificate you simply have to buy another one. When you order a certificate you can extend the validity period for up to
6 years, you will also benefit from a discount when you choose a longer period.
How can I check a SSL Certificate?
Use our Site Check tool to see if your certificate is correctly installed. The Site Check tool will also display additional information which will give you an overall idea about the quality of the secured connection. It will display the Certificate Authority, the expiry date of the certificate, the encryption strength and if Server Gated Cryptography (SGC) is available for older browsers.
My CSR is invalid. What can I do?
Check your CSR with our CSR Decoder tool .
Verify all information in the CSR and check if all required fields are entered. Check if the domain name (Common Name) is correctly spelled. A Wildcard certificate must contain the * in the Common Name like *.yourdomain.com. Don't use internal server names as Common Name, it has to be a Fully Qualified Domain Name (FQDN).
Check the contents of the CSR, are there any invalid characters like ''&, '^', '?', '@', '#', '$' en een '*'? Blank lines, spaces are also not allowed in a CSR.
How do I request a replacement?
In case of a server crash/renewal or in case you have lost your private key, you can request a SSL certificate replacement. For some certificates this is a free service (certificates with a Replacement Warranty). To replace your certificate, logon to the Control Panel, locate the specific certificate and click on the Replacement icon on the right side. You will have to provide us with a new CSR, paste it in the text box and select an Approval e-mail address. Confirm the e-mail which is sent to this Approval e-mail address and you will get a new certificate by e-mail (or download the new certificate through the Control Panel).
How do I install a certificate on several servers?
If you want to install a certificate on more than one server (assuming you have more than one license) the general procedure is as follows: Generate your CSR on one server and install the certificate on this same server. After the installation is completed, export/import the certificate to the next server. More information on exporting your certificate on Windows servers.