Depending on the type of Trust Service product that you are ordering, you might not see all of these fields mentioned in these steps.
Note: The address fields that you complete must specify physical addresses; you cannot specify P.O. boxes.
To order a Trust Service SSL Certificate
1. In the Control Panel, click Trust, and then click the plus sign (+).
2. From the Select a supplier and Select a service drop-down lists, choose the supplier and service that you want to purchase.
If you are ordering a domain vetted certificate, in the text field, enter the name of the domain with which you are associating the service.
3. Click Continue to Next Step.
4. For SiteLock and TRUSTe products, in the Customer section, click the radio button that indicates the type of user account to associate with the Trust service.
If you want to associate your order with an existing account, select the Existing Customer Account radio button and then select the user from the Account drop-down list.
If the order is for a new customer, select the New Customer Account radio button, and enter a user name, password, and email address for the new customer in the Username, Password, and Email Address fields. The username and password allow the domain owner to log in to the Domain Admin end user control panel at resellername.domainadmin.com to configure and manage their Trust Service product and account. The email address is the address to which the Domain Admin login credentials will be sent.
Important: If you select No Customer Account, the service will work: however, the end user will not be able to access the Domain Admin control panel. In that case, you can either provision the Trust Service product for your customer or you can provide your own end user interface. If you do not create a username and password when you order the service, you cannot add it later.
5. In the Service Period & Validation Period section, use the drop-down lists to, choose the certification period, validation email, web server, and server count for the Trust Service. (Depending on the type of certificate that you are ordering, you may not see all of these fields.)
- Certification Period—The number of years for which you want to purchase the product. You can register the product for 1-2 years, depending on the product type.
- Validation Email—The email address of the individual who can approve the order. The Certificate Provider sends the approver email to the address that you specify.
- Web Server—Select the type of Web server that will be using the SSL Certificate. Along with the CSR, the Certificate Provider uses this information to generate the SSL Certificate.
- Server Count—This feature authorizes you to use the same SSL Certificate on multiple servers. In most cases, you are charged the cost of one SSL Certificate for each server. For example, if you choose 10 from the Server Count drop-down list, you are charged for 10 SSL Certificates.
Note: GeoTrust products include unlimited server licenses.
6. For thawte, Symantec, and most GeoTrust certificates, in the Organization contact Information section, enter the contact details for the organization.
7. In the Individual Contact Information sections, enter the details for the Trust Service contacts.
If you are entering a new contact, you must complete all of the fields. To use the same information as an existing contact, choose that contact from the Make same as drop-down list. If you use this feature, make sure that the fields in the designated section are completed.
Note: For Symantec, thawte, and True BusinessID EV certificates, Title is a required field.
Important: For Trustwave certificates only, the approver and certificate emails are always sent to five email addresses: Admin, Administrator, Hostmaster, Postmaster,and Root; therefore, you must ensure that at least one of the following five addresses exists:
8. For all except seal type certificates, in the Certificate Settings section, enter the CSR for the Web server that will be using the SSL Certificate and, optionally, any special instructions regarding the order, and then click Add Service or Save as Draft.
Important: For Trustwave only, you need to remove the word NEW from the BEGIN and END statements of the CSR before you submit the order.
The Certificate Provider uses this information to generate the SSL Certificate. You can find instructions on how to create the CSR on the supplier’s website.
- Sectigo: http://www.comodo.com/csr_autogenerator.php
- GeoTrust: http://www.geotrust.com/support/generate-csr
- Symantec: http://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR235
- thawte: https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=AR1108
- Trustwave: https://ssl.trustwave.com/support/create-csr.php
Note: All certificates require 2048 bit CSRs; however, Symantec will accept 1024 bit CSRs for certificates with expiry dates prior to December 31, 2013, except for EV certs, which require 2048, regardless of the term.
SSL Certificate Providers require the domain’s Admin or Technical contact to approve every order for an SSL Certificate. The SSL Provider sends an email to the Admin or Technical contact, which that contact must approve and return to the Provider. Once the Provider receives the approval, the order is processed.
9. For SAN certificates, in the Additional Domains section, enter the additional domains (other than the primary domain) that you want to include with this SSL certificate. Click Add Domain to display an additional text field. To delete a domain, click the red X beside the domain name.
Note: Certificates with Common Names or SANs that include an IP address are not support at this time.
The following products allow you to enter intranet and local names and to specify server names without any periods: QuickSSLPremium SAN, Secure Site SAN, Secure Site Pro SAN, SSL Web Server SAN, SGC SuperCerts SAN, and True BusinessID SAN.
Each SAN product allows a certain number of additional domains (either 1 or 4, depending on the product), and in most cases, more domains can be added for an additional charge. The number of additional domains you can specify for each certificate type are as follows:
- Quick SSL Premium SAN—4 (subdomains only)
- TrueBusiness ID SAN—4 to 24
- TrueBusiness ID EV SAN—4 to 24
- Secure Site EV SAN—1 to 24
- Secure Site Pro EV SAN—1 to 24
- Secure Site Pro SAN—1 to 24
- Secure Site SAN—1 to 24
- SGC Super Certs SAN—1 to 4
- SSL WebServer EV SAN—1 to 4
- SSL WebServer Certificates with SAN—1 to 4
Note: If you want to add more domains to a SAN cert after the order has been processed, you must contact the Trust Service provider.
10. Click Add Service to submit your order or click Save as Draft to save the order as pending.