• What is SSL?
• SSL Certificate Features
• Ordering A Certificate
• Certificate Installation
• SSL Certificate Errors
• SSL Details
• Special Types

How To Order An SSL Certificate

Ordering an SSL certificate can be as simple as pie or it can make you want to pull your hair out. Learning about how to order a certificate such as creating a CSR and preparing your WHOIS record and company validation documents, can make the process much easier to deal with.

What is needed to buy a certificate?

A unique IP address. Unless you have a special set-up on your web server (using host headers), you will need a separate IP address for each certificate that you want to use.

A CSR. A certificate signing request or CSR is a piece of text that must be generated on your web server before ordering the SSL certificate. The certificate authority will use the information contained in the CSR (Organization name, domain name, public key, etc...) to create your certificate.

Correct contact information in WHOIS record. When you purchase a certificate for a particular domain name, the certificate authority needs to ensure that you own the domain name that you are getting the certificate for and that you are authorized to order the certificate. This is primarily done by making sure that the WHOIS record (the ownership and contact information associated with each domain name) matches the company name and address that is submitted with the certificate order. You can check the WHOIS record for your domain name here.

Business/Organization validation documents. If you are buying a high-assurance certificate, your business must also be validated. Certificate authorities often check government databases online to verify that your company is registered but they may still need you to send in a government registration document if they can't find your business. Each certificate authority has slightly different requirements for validation.

What is a CSR (Certificate Signing Request)?

A CSR is an encrypted block of text that is generated on the server that the certificate will be used on. It contains information that will be included in your certificate such as your organization name, common name (domain name), locality, and country. A private key is usually created at the same time that you create the CSR. The certificate created with a particular CSR will only work with the private key that was generated with it. So if you lose the private key, the certificate will no longer work.

How do I generate a CSR and private key?

You need to do this on the server that the certificate will be used on. You can find instructions in your server documentation or try the instructions from one of these certificate authorities:

Comodo CSR Generation Instructions
DigiCert CSR Generation Instructions
GeoTrust CSR Generation Instructions
Thawte CSR Generation Instructions
VeriSign CSR Generation Instructions

How long does it take to get a secure certificate?

How quickly you get your certificate depends on what type of certificate you get and which certificate provider you get it from. If you get a domain-validated only certificate you will get it issued instantly or within a few minutes. If you get a normal, organization-validated certificate, you may get it issued within an hour to a few days after you submit all the documentation. If you get an extended validation certificate (EV), you may wait several days to a few weeks while the validation takes place.

© 2008 SSL Shopper™ | SSL Certificate Comparison | All Rights Reserved