This guide will walk you through the authorization process for RapidSSL, GeoTrust and Comodo SSL certificates, and outline the three verification methods from which a registrant can choose.
We'll address the following questions:
What are the three different methods?
RapidSSL, GeoTrust and Comodo SSL certificates can be validated using one of the following three methods:
Selecting this method prompts the vendor to send an email to the registrant, requesting that they confirm the details of the certificate. Once this information has been confirmed, the vendor will send the registrant the certificate for installation onto the registrant's web server.
Upon submitting the order in the OpenSRS Control Panel, a DNS string is immediately provided, and should be added to the DNS for the domain. There are two elements required for creating the DNS record to complete the validation, the random string and the timestamp. A subdomain is created with the random string pointing to the timestamp. Example CNAME record: seQ456Ou5yjGbkYIGTO4MBhb91qnb5rE.brianc.com points to s20160723202445.brianc.com
Please note: The DNS CNAME provided is valid for 24 hours. After adding the CNAME to the zone records, please wait 24 hours for the validation process. If 24 elapses before this string is added to the registrant's DNS records, a new one must be obtained by querying the trust order details.
Geotrust polling times:
- Polling Interval Duration of Polling
- Polling Interval 1 Every one minute for the first 15 minutes
- Polling Interval 2 Every five minutes for an hour
- Polling Interval 3 Every fifteen minutes for four hours
- Polling Interval 4 Every hour for a day
- Polling Interval 5 Every four hours for a week
- Polling Interval 6 Every twenty hours for a year
Comodo DNS polling times:
If the DNS records dosen't exists during the first check then further lookup's happen in the following intervals.
- 10 minutes after
- 20 minutes after
- 40 minutes after
- 80 minutes after
- 160 minutes after
- 320 minutes after
1. In the OpenSRS Control Panel, head to the product order, copy the new CNAME value and enter it in the zone information. After that, click on "Request validation from vendor.” Please wait up to 24 hours for the validation process before requesting another one. The timestamp on the CNAME will change every time the page is refreshed but the previous codes are valid for 24 hours.
2. Use the get_order_info API command to view this information. See example 9 in our API XML guide.
Upon summiting the order in the OpenSRS Control Panel, a TXT file is immediately provided, and should be uploaded to the following directory:
The vendor will check the website for this file and, after confirming it has been uploaded, validate the certificate.
Note: Comodo authorization file name is an MD5 value instead of fileauth.txt. For windows IIS servers, you may place a "." at the start and end of the folder for a workaround.
How and when do I choose my preferred method?
The preferred method is selected at the time of purchase from the product order page in the OpenSRS Control Panel.
What if there is a delay in processing my order?
The vendor will typically check for newly placed orders every hour. If, after 24 hours, a confirmation of validation has not been received:
Click the link provided under Domain Validation Authentication Check to send a manual request for validation. A confirmation of the validated certificate should appear under domain notes no later than one hour after this request is made.
If you continue to have issues, please contact us at firstname.lastname@example.org
How do I parse the CSR?
Parsing the CSR allows you to see the information it contains and correct any errors that may delay the verification process. This can be done from the Trust section of the reseller control panel.
For more information, check out the full guide.
Below, are some quick links to our API XML guide for commands relevant to domain-vetted authorization for RapidSSL, GeoTrust & Comodo SSL Certificate registration.