Key Steps to Secure Your Website with an SSL Certificate

SSL Certificate Activation

To kickstart the SSL Certificate activation process, we require a CSR (Certificate Signing Request) that includes all the necessary details for your SSL certificate. Learn more about CSR here.

If your website is hosted with us, we'll handle the CSR generation for you. However, if your website is hosted elsewhere, you'll need to generate the CSR from your hosting provider. 

During the ordering process, if you choose "Another Provider" as your web host, we'll request the CSR from you. 

Knowing If You Need to Provide a CSR

When ordering an SSL certificate, you'll need to specify your hosting provider. Your hosting provider is where your website is hosted. If you select us, don't worry, we will handle the CSR generation for you. However, if you choose 'Another provider,' you must provide the CSR yourself. Occasionally, we may ask for a new CSR if the submitted one is invalid. If this occurs, watch for an email from us requesting an updated CSR. 

What is a CSR (Certificate Signing Request) 

A CSR, also known as a Certificate Signing Request, is an encrypted piece of code that includes essential information such as: 

CSR serves to communicate with a Certificate Authority (CA) for the issuance and signing of your SSL Certificate, which is your official certificate for securing your website. This request is structured as a block of text, like a very long password. 

See the sample CSR below: 

What is a Private Key 

A private key is a vital code generated alongside your CSR (Certificate Signing Request). Its name underscores its importance—it should always remain confidential. When installing an SSL certificate, both your CSR and private key must align. Therefore, it's advisable to create the CSR on the server designated for SSL certificate installation. This practice ensures that the private key is securely generated and stored on the same server, eliminating the need for transferring it across platforms. 

While you can utilize an external CSR generator, you must remember to save the private key for future use during SSL certificate installation. However, we don't recommend this due to associated risks. Unless you are confident in your ability to safeguard the private key during transfer, it is recommended to generate the CSR directly on the server where the SSL certificate will be installed. 

Here is an example of what a private key looks like: 

How to Validate Domain Control (DCV) for SSL Certificate Activation 

When we activate the SSL certificate order, you'll need to complete Domain Control Validation (DCV). This step confirms your administrative rights and verifies your access to the domain name associated with the SSL certificate. 

There are various methods to validate domain control, but we primarily use the DCV CNAME method. This method entails adding a CNAME record to your domain. 

If we host your DNS, you won't have to perform this step. However, if your DNS is hosted elsewhere, we'll send you a notification containing the unique CNAME record required for DCV. 

Here's how you can add the unique DCV CNAME record to your DNS: 

1. Log in to your DNS hosting provider's dashboard.
   
   Note:

   To find out where your DNS is hosted, you can perform a Whois lookup here: https://www.whoismydomain.com/. On the result, locate the Name Server section. The set of name servers indicates your DNS provider.
2. Navigate to the DNS settings or DNS management section.
3. Add a new CNAME record with the provided details from our email notification.
4. Save the changes and allow some time for the DNS changes to propagate. Refer to the email we sent on how to check if the new CNAME is already working.
5. Once done, please let us know by replying to the email we sent for us to proceed with the validation.

Once this step is successful, your SSL certificate becomes available for download from your Account Manager. Note that if you're getting a Wildcard or EV SSL certificate, you'll need to go through an extra validation process. 

Additional Company Validation

EV and Wildcard SSL certificates require an additional level of validation. You'll receive an email containing detailed information and instructions on how to proceed with this validation process. 

Installing your SSL Certificate 

Get your SSL certificate installed for free if your website is hosted with us! For websites hosted elsewhere, follow these simple steps to install your SSL certificate:

A. Download the SSL File

1. Log in to your Account Manager.
2. In the SECURITY section of your product tabs, click Secure SSL.
   
   
3. When the SSL Certificates page opens, click the applicable registered SSL Certificate, if you have multiple SSL products.
   
   
4. Click the burger icon (three-line bars), and then click Download.
   

B. Install the SSL Certificate

Contact your hosting provider and request them to install the certificate on your website. Note that some hosting providers may charge additional fees for SSL Certificate installation.