If you are interested how to get SSL certificate, read this article! First you have to choose what type of SSL best suits your needs: certificates with domain check or SSL with verification of the company.
SSL certificates with domain check
To get the certificate with domain check you have to create a CRS request.First generate a private key and a CRS request (What is CRS request and how to create it?, CRS request creating in ISPmanager, CSR request for Apache ).
If you administrate the server by yourself, you need to generate a private key and CSR code in accordance with the documentation for your programming software. Before you create a request for a certificate, please review information about what is CSR code and how to create it.
If your server is administered by the web hosting provider, contact its technical support team with a request to generate a private key and CSR code for you. Be careful! Generating the CSR code you have to use the details of the company that requests the certificate but not the web hosting provider.
Save the password that you use to generate the secret key. Be sure to make a backup copy of the key on external media (flash drive or disk). In case of password or key loss you will be not able to use the received SSL certificate.
The domain validation is performed by sending emails to the address listed in the WHOIS data of the domain. If WHOIS data is hidden, you must open it before you apply to receive your SSL certificate, or use one of the email addresses created on the domain (admin, administrator, hostmaster, webmaster, postmaster). Enter only those email address, to which you have access when generating a CSR request. To confirm the registration of the certificate, you must click the link in the email and press “Approve”.
In the case of successful domain verification, the certificate will be issued within 10-30 minutes, the certificate files will be sent to your email.
SSL with verification of the company
1. To obtain an SSL certificate with verification of the company do the following:
You must create the CSR request, put details about the company to the application form.
If the certification center did not confirm the presence of your company in the register of legal entities, you must prepare the following documents:
- an electronic copy (scan) of the certificate of registration of your legal entity in the unified state register of legal entities;
- an electronic copy (scan) of the certificate of registration of your legal entity registered with the territorial tax authority;
- an electronic copy (scan) of the document, which confirms the presence of a contact phone number. This can be a copy of the receipt of payment to this number or a copy of the contract with the telephone company. Be sure to highlight your contact phone number on the document. This number is necessary for the implementation of the verification call to your organization. If you cannot provide such a document, we recommend you to register in public databases such as the Yellow Pages telephone directory. Customers who are going to order Thawte certificate may provide a notarized statement confirming the right of the technical contact to apply for a certificate on behalf of the company.
Make sure that all the documents have been registered not later than 12 months from the date of filing. Copies of documents must be sent to us or to the certification center on request.
2. Apply on our website and pay the bill
Select the required SSL certificate (among those that are available on our website) and press “Order”. The next step: select the term of service, qualify the domain name for which the SSL certificate is issued, copy the CSR request and specify the type of web server. After you finish ordering procedures, you will recieve an invoice. After you make the payment, the certification center will begin to check all the data.
3. Domain check:
Make sure that the domain data in the Whois database is opened (Whois Privacy Protect is disabled), and administrative data of the domain is identical to the real data of the organization.
After application and payment you will receive a confirmation email for the domain owner from the certification center. The letter usually contains a link, clicking on which, will need to confirm the certificate. (The letter can be sent immediately, but after performing the fourth step).
Note that, the email address created on the domain name for which the certificate is issued is used for the verification. Possible mailbox names for check: admin, administrator, hostmaster, webmaster, postmaster, or email that you specified as administrative in the Whois database. Specify one of these addresses to which you have access) while generating a CSR request.
4. Check of the organization’s data.
The certification centre check the CSR code and the documents provided by the customer, and makes a test call on the specified technical contact. Typically, it takes three to five working days. If the organization is not the owner of the domain to which the certificate is issued, the domain owner will need to send a written permission. The template of it is provided on demand.
To accelerate the verification procedures we recommend you to pre-register in publicly accessible databases such as Yellow Pages. Ukrainian companies are also checked in the irc.gov.ua database. Make sure that the data specified in this registry are the same as yours. If some data does not coincide with the real one, you need to updated it.
The person who is responsible for the contract must be informed about the ordering of the SSL certificate, he must know the name of the organization and the domain.
5. A certificate issue.
Usually, it takes within one day to issue the SSL certificate (after the data verification procedures is over). The code of the SSL certificate is sent to your email and you are able to install it.
Цe explained how to get SSL certificate in this article, after you may use our Instruction for SSL certificate installation.