Website Security with Industry Leaders

Get the highest-level security for your website with our affordable web security services.

Https

Frequently Asked Questions

Go Through These FAQs and Get Instant Answers to Your SSL Related Questions

The SSL industry has been going around for quite some time, and someone who isn't technical or looking for the SSL will have some questions, especially if they're first-timers.

Here our team has gathered common questions and answers that clients usually ask before purchase, during the validation process, or after issuance.

Common FAQs Regarding SSL

What's an SSL Certificate?

An SSL (Secure Sockets Layer) is the protocol that establishes a secure and encrypted connection between a client (browser) & a web server, and it helps secure, confidential information such as passwords. In addition, to know whether SSL is installed, the easiest way is to look through the URL. If the SSL is installed, you'll find URLs starting with HTTPS instead of HTTP and a secure padlock.

Lastly, there are three validation types of SSL

  • Domain Validation
  • Organization Validation
  • Extended Validation
What's a Domain Validated SSL Certificate?

Domain Validated SSL, an abbreviation of DV SSL, is the most basic SSL certificate that provides you with a simple HTTPS URL and a secure padlock. It's the recommended SSL certificate if you want to secure a website with SSL mainly to prevent the "Not Secure" warning message.

What's an Organization Validated SSL Certificate?

Organization Validated (OV) SSL certificate is the advanced SSL certificate of DV SSL certificate used to secure the company's sensitive data. In an OV SSL certificate, CA (Certificate Authority) does a light business verification to ensure you've legitimate business with the physical location.

What's an Extended Validated SSL Certificate?

An Extended Validated SSL certificate is the most advanced SSL certificate specifically used by websites dealing with the user's sensitive financial information, such as banking or e-commerce website. Offered with the highest visible trust indicator like company name within a secure padlock, almost all giants use it that deals with a financial transaction like PayPal. In addition, to get this SSL certificate, applicants must undergo an extensive validation process where their business authenticity is thoroughly verified.

What Are the Different Types of SSL Certificate Functionalities?

Similar to the validation level, there are also different types of functionalities of SSL certificates. And it's offered as Single Domain, Wildcard, Multi-Domain, SAN, and Multi-Domain Wildcard.

What's a Single Domain SSL Certificate?

The single-domain SSL certificate is the standard SSL certificate that secures a single domain that includes both WWW and Non-WWW domains. For instance. www.domain-example.com and domain-example.com.

What's Wildcard SSL Certificate?

Wildcard SSL certificate secures one main domain and an unlimited number of first-level domains. The cost-reducing Wildcard SSL certificate secures all the sub-domains with one single SSL. For instance, with one single Wildcard SSL certificate, you can secure www.domain-example.com, domain1.domain-example.com, domain2.domain-example.com, and so on.

What's Multi-Domain SSL Certificate?

A Multi-Domain SSL certificate is another cost-effective SSL certificate that secures multiple domains with one single SSL certificate. For instance, if you've multiple websites like www.domain1.com, www.domain2.net, and www.domain3.org, the multi-Domain SSL certificate is cost-effective and easy to manage.

What's SAN SSL Certificate?

A SAN (Subject Alternative Name) is a type of SSL certificate that's similar to a Multi-Domain SSL certificate. But SAN certificate also allows you to secure multiple IP addresses as well.

What's Multi-Domain Wildcard SSL Certificate?

Multi-Domain Wildcard SSL certificate is the combination of two SSL certificates, Multi-Domain and Wildcard. It secures multiple domains and their associated sub-domains with one single SSL certificate. For instance, this SSL is helpful if you have www.domain1.net, www.domain2.com, www.domain3.org, d1.domain2.com, d2.domain2.com, d3.domain1.net, and so on.

What Is a Certificate Authority?

Certificate Authorities, abbreviated as CA, are the providers of SSL certificates. CAs like Sectigo, Comodo, Certera, etc are trusted by globally popular web browsers like Google Chrome and Mozilla Firefox. And in return, it ensures websites with SSL certificates installed will not face the "Not Secure" warning message shown by web browsers and devices.

Order Processing of SSL

What Do I Suppose to Do with the Private Key?

As the name implies, you must keep your Private Key privately with you. In addition, only your hosting provider is the one who should have your private key, and that's also if anyone asks for it. Similarly, you should not delete it as it's an essential key that is needed to keep your installed SSL certificate working.

What to Do if I Want My SSL Certificate to Be Issued Urgently?

If you want your SSL certificate to be issued urgently for a certain reason, you'll need to contact us with your order details along with the request, and we'll help you get your purchased SSL certificate urgently.

Validation or Authentication Process of SSL Certificate

What Documents Do I Need to Provide for Completing DV SSL Certificate Validation Process?

For getting a DV SSL certificate issued, you'll not require to submit any documents. Instead, you'll only need to prove your domain ownership, which gets completed within a few minutes. And once the domain validation is completed, your DV SSL certificate will get issued completely.

Read our detailed DV SSL Validation Process

What Documents Do I Need to Submit to Get My OV SSL Certificate Issued?

To get your OV SSL certificate after purchasing, you'll need to complete a light business verification process that includes submitting certain government-issued documents like business registration details and publicly listed company telephone numbers. Similarly, it's accessible through certain acceptable public telephone directories with the exact business name and address. And this entire verification takes around 1 to 3 business days to be completed.

Read our detailed OV SSL Validation Process

What Documents Am I Required to Submit to Get EV SSL Certificate Issued?

To get an EV SSL certificate issued, you'll need to go through the rigorous vetting process that thoroughly verifies your business authentication by reviewing all the necessary documents. In addition, CA also does the phone verification to know that applicant is authorized to purchase an EV SSL certificate. Lastly, this entire EV validation process takes around 1 to 5 business days to complete.

Read our detailed EV SSL Validation Process

What Documents I'll Need to Submit for the Code Signing Certificate Validation Process?

Code Signing certificates are offered in three different types: individual developer, organization validated, and extended validated. If you've purchased OV or EV code signing certificate, then you'll need to follow the validation process of the OV or EV SSL certificate as mentioned above.

However, if you choose to go with an individual code signing certificate, you'll need to submit a form to verify your identity as an individual developer. Similarly, you'll also need to submit a government-issued ID and some additional documents according to the policies of the certificate authority.

How Long Does the Validation Process Take to Complete?

Depending upon which type of validation level you've chosen, your SSL certificate validation process is complete. For instance, if you've purchased a DV SSL certificate, it'll be completed within minutes once you prove your domain ownership. And if you've chosen to go with the OV SSL certificate, it'll take around 1 to 3 business days. Lastly, if you've chosen the EV SSL certificate, it'll take around 1 to 5 business days for the validation process to complete and get your SSL certificate issued.

Accidentally I've Deleted My Private Key. What Do I Do?

You'll need to generate a new CSR (Certificate Signing Request) and a new private key. Similarly, you'll need to get your SSL certificate reissued.

I've Changed the Server or Moved the Site to Other Hosting Provider. How I Move SSL Certificate?

If you've changed the server or moved your website to another hosting provider, you'll need to generate a new CSR and re-issue your SSL certificate.

Can I Reschedule the Verification Call That I Get from the Certificate Authority?

Yes, you can reschedule your verification call, but you'll have to contact the SSL certificate provider and inform them when you want your verification call to be done.

Similarly, if you want to be called on another telephone number, then ensure the certificate authority verifies it. So, CA can confirm that the number they'll call will get answered.

What Do I Suppose to Do if My Verified Telephone Number Is Outdated?

You must let your SSL provider know if your telephone number is outdated, so we can tell the CA (Certificate Authority) from where to find your latest updated telephone number and update it.

To Whom Shall I Send My SSL Validation Documents?

Due to any reason, if the vendor fails to verify the information entered at the time of the generation process, the SSL vendor will contact the Administrator and request the documents. In addition, you can also directly attach all the asked documents and send them as an email. Furthermore, if the issue or question arises regarding the document, you can contact us directly, and we'll let you know about other alternative ways.

What I Do, My Validation Process Is Completed, but I Haven't Received My SSL Certificate?

Usually, once your validation process completes, you get your SSL certificate issued and sent to the registered email address. And if you haven't received it, you can log in to your CerteraSSL account, check your order and if the validation is complete, you can download your certificate from there..

Shall I Use the Whois Listed Email Address for Completing DCV (Domain Control Verification)?

You can use Whois's registered email address for DV, OV, and EV SSL certificates.

What I Do, I'm Not Able to Remember My Login Details or Maybe I've Lost It?

If you've lost your login details or cannot remember them, go through the forgot password link. Similarly, if you can't remember the email address you used for signing, don't hesitate to get in touch with your SSL certificate provider, and they'll help you find your account.

CSR Generation

What's a CSR?

CSR (Certificate Signing Request) is mandatory to request your SSL certificate. The CSR gives the needed information to the SSL certificate provider about the applicant, like organization name, location, and for which domain SSL is requested.

How to Generate a CSR?

The free online CSR generator tool is available where you are required to submit all the asked information, and once you click the generate button, it generates CSR. Secondly, CSR generation guides are also available if you wish to generate CSR using the OpenSSL command.

I Found Something Incorrect Within My CSR. What Do I Suppose to Do?

You cannot edit generated CSR. You'll need to generate a new CSR with all the correct information.

The Generated CSR Is Not Decoding, What I Do?

Make sure you've copied the correct file and are not using the self-signed certificate or the SSL you may have used earlier. Nonetheless, if your CSR isn't decoding, you'll need to generate a new CSR.

I'm Getting a "CSR Invalid" Error Message at the Time of SSL Certificate Activation Process. What Do I Do?

If you're receiving CSR Invalid error message, then there's a possibility you may not have formatted the common name accurately for the type of certificate you got. For instance, in Wildcard SSL certificate common name should be *.domain.com. And another possibility is that you may have used invalid characters in some fields. And the only option you're left with is to generate a new CSR using only English alphabets and numbers from 0 – to 9.

What's the Use of a Private Key?

Private Key is used for server-side exchange for making a secure SSL connection. And you'll require to reissue your SSL certificate if you lost your Private Key or delete it by mistake, as the SSL certificate provider does not provide it, and it's generated at the time of generating CSR.

CSR Is Not Decoded. What Should I Do?

You might have missed one or more than one required field, or CSR might have non-alphanumeric characters within the mandatory fields. Nonetheless, you'll need to re-generate your CSR.

SSL Certificate Management

How to Add Additional Domains Within a Multi-Domain/SAN Certificate?

If the SSL is active, you'll need to reissue your SSL certificate to add additional domains within the SSL certificate.

How to Change Wrong Common Name?

Reissue your SSL certificate and generate a new CSR.

Does CA Provides Technical Support & Do I Need It?

Yes, technical support is provided by the CA as and when required. For instance, if you come across any SSL-related issue or have any query, you'll always have 24x7 help available from the experts of the SSL.

SSL Installation Process

How to Download My SSL Certificate Files?

Once you generate your certificate and enter all the information for a technical contact, you'll receive an email containing the certificate authority bundle and certification, which you can download it, and it's needed at the time of SSL installation.

How to Install SSL Certificate on Multiple Servers?

For installing an SSL certificate on multiple servers, you'll require the private key, an intermediate bundle, and the SSL certificate. And, then you'll have to install the certificate on each server.

Do I Need a Static/Dedicated IP Address for Using an SSL Certificate?

Yes, you'll need a static IP address for the SSL certificate. And, if you don't have one, you'll have to assign one via your web server or buy from the web host service provider if you are using your own webserver.

Why I'm Not Able to See the Secure Padlock Icon?

Suppose you cannot see the secure padlock icon even after the SSL certificate installation. In that case, there's a possibility it's not installed correctly, or some URLs are still starting with HTTP. Similarly, you can check it using the online tool "Why No Padlock?" and it'll give you a detailed report on the same.

I'm Getting the Message, "The Page Cannot Be Displayed," Whenever I Try Opening the Website. What Do I Do?

There can be multiple reasons why you get this error message whenever you try opening the website. Most of the time, it's because of the SSL certificate or the server you're using. And to find out, you'll need to perform a test using the SSL Labs tool, which will give you an accurate answer to what is causing it.

Why Does It Say the SSL Certificate's Name Doesn't Match the Website?

This error means the domain browser is trying to open, pulling a certificate of another domain name that isn't bound with the website you're opening. Similarly, there's also a possibility that your website could be using the default SSL certificate, which isn't provided to the host or the server. To correct this issue, you'll have to ensure that the SSL certificate is installed on the correct website for which the SSL is issued.

How to Find Out Whether the Installed SSL Is Working Correctly?

You can check using the free-to-use SSL checker tool that tests and let you know whether your SSL is installed correctly.

SSL Certificate Renewals

How to Renew My SSL Certificate?

Renewal of SSL certificate is purchasing an SSL certificate. The term "renewal" is used within an industry by providers. To renew your SSL certificate, you'll go through the exact same process that you did for the first time. And, whenever you renew your SSL certificate, you buy it all over again. However, if you renew it before it expires, the remaining time is carried forward with the renewed SSL certificate.

Do I Have to Generate a New CSR for Renewing My SSL Certificate?

It's not mandatory, but it's recommended that you generate new CSR for security reasons.

Do I Have to Submit All the Documents for Business Verification Again for the Renewal of the OV/EV SSL Certificate?

It depends entirely upon the information you provide at the time of renewal. The CA (Certificate Authority) may use past confirmed information. For example, if EV SSL is ordered, then it's necessary to have your valid documents of more than 13 months to complete your business validation process. And, if you're choosing OV SSL, then CA may allow validating earlier data up to 27 months from the original order date.

Code Signing Certificate

What's a Code Signing Certificate?

A code signing certificate is a digital security certificate used by software developers to sign and embed digital signatures on their software digitally. Similarly, the digital signature uses the public-private key infrastructure (PKI), which helps ensure the software isn't tampered with since its signing.

Why I'm Not Able to Download Code Signing Certificate?

Suppose you aren't using Mozilla Firefox as your web browser to generate or export the code signing certificate with the same computer system. In that case, you will face an issue while downloading a code signing certificate. Henceforth, ensure you're on the same computer system and using Mozilla Firefox for all the code signing-related processes.