Types

All Business Validation Certificate Authorities Changes Code Signing Configuration CPAC CSR Code CSR Decoder CSR Generation Tutorials CSR Generator DigiCert Domain Validation Extended Validation General Install SSL Certificates Installation IP Address LEI Multi Domain Payments Private Key Renewal S/MIME Types Updates Wildcard
Can I secure a domain name that has .local as an extension?

Unfortunately, domain names that end with .local are not supported from November 1st, 2015. If you request an SSL Certificate for a domain or sub-domain that has .local as an extension, your SSL Certificate will be rejected by the Certificate Authority.

If you want to secure a domain or sub-domain on your localhost, you can create a self-signed SSL Certificate. There is plenty of documentation online on how to do that.

Copy Link

Can I secure an IP address with an SSL Certificate?

Yes, you can secure an IP address with an SSL Certificate. However, only some specific SSL Certificates will allow you to do that. Here are those SSL Certificates:

– Sectigo InstantSSL Premium
– GoGetSSL Public IP SAN

Please note that the Sectigo InstantSSL Premium is a Business Validation SSL Certificate, which means that you need to have a registered company in order to be issued this SSL certificate.

GeGetSSL Public IP SAN is a Domain Validation SSL Certificate which secures 2 IP addresses by default.

Copy Link

How to pass the IP validation for a public IP address?

Certain SSL Certificates allow you to secure an IP address, only if it is a public IP address. The validation process for IP addresses is similar to validating a domain name, but it has its particularities. That is why we encourage you to follow the guidelines below.

GoGetSSL

STEP 1. First of all, you have to configure your SSL Certificate by filling in the configuration form inside your SSL Dragon account.

Important! When configuring your certificate, you will be asked to generate a CSR with NO Common Name. Here is how to do it.

STEP 2. Mention your IP address / IP addresses in the SANs field.

If you have just 1 IP address, just insert it in the SANs field, with no extra spaces or characters, e.g.:

123.34.34.234

If you have 2 or more IP addresses (if you purchased additional SANs), insert your IP address list in the SANs field, with each IP address space-separated, e.g.:

123.34.34.234
124.34.24.234

Important! This step is mandatory. Since the CSR has no IP address included in its fields, it’s important to mention your IP address / IP addresses in the SANs field. Otherwise, if you leave the SANs field blank, the SSL Certificate won’t be further configured and you’ll see an error message.

NOTE: if you need to secure an IP address and a domain name, GoGetSSL PublicIP SAN allows you to do that, but it needs manual configuration. Please open a ticket with us, send us the CSR (with No Common Name), the IP address, and the domain name. We’ll configure the SSL manually and provide you the instructions for further validation.

STEP 3. Once your certificate is configured, you have to prove the ownership or right to use that IP address. To do that, you have to pass the HTTP/HTTPS validation for your SSL Certificate. Email or DNS validation are not available for IP validation. To pass the HTTP/HTTPS validation, you have to create a .TXT file that contains the validation code provided on the “Content” field on the details page of your SSL Certificate page. The “Content” that you have to add to the .TXT file looks similar to this:

38622319C755B5952FA4CD590655F05000C4951C2EF07BFFCB2BBA23623BE9D6
COMODOCA.COM
t0520161001553133275

Then you have to upload the TXT file at a location on your server that looks like this:
http://127.0.0.1/.well-known/pki-validation/B34037F1D9BFE9F5936AFEA9798174AB.txt

127.0.0.1 should be replaced by the IP address that you are trying to validate. You can read the information on how to create the .well-known folder at this link: https://www.ssldragon.com/faq/create-well-known-folder/

Make sure that you can access this file and link from any web browser. Inform us when you uploaded the attached TXT file on your server so that we could run a scan of your website and look particularly for this file at this given link.

If you follow these steps exactly, you will get your IP address validated successfully.

NOTE: If you have a router to secure instead of a server, there is no way to upload the TXT file on your router. The solution to getting the IP addresses validated is to reroute the IP address to a server, put the TXT file on that server, pass the IP validation, and then reroute the IP address back to the router.

Sectigo

STEP 1. First of all, you have to configure your SSL Certificate by filling in the configuration form inside your SSL Dragon account. When configuring your certificate, you will be asked to generate a CSR or enter an existing CSR.

Please make sure you include your IP address as a “common name” (domain/IP that you want to secure) in your CSR.

STEP 2. Once your certificate is configured, you have to prove the ownership or right to use that IP address. To do that, you have to pass the HTTP/HTTPS validation for your SSL Certificate. Email or DNS validation are not available for IP validation. To pass the HTTP/HTTPS validation, you have to create a .TXT file that contains the validation code provided on the “Content” field on the details page of your SSL Certificate page. The “Content” that you have to add to the .TXT file looks similar to this:

38622319C755B5952FA4CD590655F05000C4951C2EF07BFFCB2BBA23623BE9D6
COMODOCA.COM
t0520161001553133275

Then you have to upload the TXT file at a location on your server that looks like this:
http://127.0.0.1/.well-known/pki-validation/B34037F1D9BFE9F5936AFEA9798174AB.txt

127.0.0.1 should be replaced by the IP address that you are trying to validate. You can read the information on how to create the .well-known folder at this link: https://www.ssldragon.com/faq/create-well-known-folder/

Make sure that you can access this file and link from any web browser. Inform us when you uploaded the attached TXT file on your server so that we could run a scan of your website and look particularly for this file at this given link.

If you follow these steps exactly, you will get your IP address validated successfully.

NOTE: If you have a router to secure instead of a server, there is no way to upload the TXT file on your router. The solution to getting the IP addresses validated is to reroute the IP address to a server, put the TXT file on that server, pass the IP validation, and then reroute the IP address back to the router.

STEP 3. The last step towards getting the SSL Certificate for your IP address is to pass the Business Validation. You can find detailed instructions on how to do that at this link: https://www.ssldragon.com/faq/how-to-pass-the-business-validation-for-my-ssl-certificate/

Copy Link

Which SSL Certificate shall I choose?

There are SSL Certificates of three validation types:

1) Domain Validation SSL Certificates – are the least expensive SSL Certificates. They are the easiest to get, and are issued within 3-5 minutes.

2) Business Validation SSL Certificates require you to have a registered company. When users click on the padlock icon for your certificate, they will see your company name. Also, Business Validation Certificates come with a dynamic site seal, similar to the Sectigo site seal that we have in the footer of our website. They are issued within 1-3 business days.

3) Extended Validation SSL Certificates – just like the Business Validation certificates, the Extended Validation SSL Certificates require you to have a registered company, and when users click on the padlock icon for your certificate, they will see your company name. They also come with a dynamic site seal similar to the one from the footer of our website. They are issued within 1-5 business days.

Also, based on how many domains or sub-domains you want to secure, you can look at One Domain SSL Certificates which will secure only one single domain name or sub-domain, Multi-Domain (SAN) SSL Certificates which secure several domains and/or sub-domains at a time, and the Wildcard SSL Certificates which secure one domain and all its sub-domains under one certificate. Finally, don’t forget about the Code Signing SSL Certificates which will sign, secure and protect your software from being infected with malware and then distributed online.

Please note that all these SSL Certificates types come with the same exact security level and encryption strength.

Copy Link

What is a Business Validated (BV) SSL certificate?

The Business Validation (BV), also called Organization Validation (OV), SSL certificate is recommended if you have an e-commerce website that is a registered business. Besides the domain validation performed through e-mail, you will have to provide company documentation to receive business authentication. During this authentication process, the Certificate Authority (CA) will verify if your business is carried out by a legitimate, good faith company operating at the provided location. Since the validation is done manually and involves paperwork, you will receive your Business Validation SSL certificate within 1-3 business days.

After receiving Business Validation, the “https” and padlock icon will be displayed on your website’s address bar. These signs will make customers more willing to entrust you with their personal and financial information. Yet, if your website’s purpose is to perform large sales, offer specific products/services or execute financial transactions, you should consider buying our Extended Validation (EV) certificate.

Copy Link

What is a Code Signing Certificate?

A Code Signing Certificate is a digital file that verifies the authenticity and integrity of software by digitally signing it, ensuring it has not been tampered with and comes from a trusted source. Here’s how a code signing certificate works.

Copy Link

What is a Domain Validated (DV) SSL certificate?

The Domain Validation (DV) SSL certificate is the most affordable choice for increasing the security of your blog, personal or small business website. Since there is no required paperwork, the process of acquiring the Domain Validation certificate is very quick and easy: you will have to prove that you are the domain owner just by responding to an automatic e-mail message. After a couple of minutes, you will receive the issued SSL certificate which can be installed immediately. Sites with Domain Validation certification can be identified by the padlock that is displayed by most web browsers.

This type of SSL certificates is recommended to be used if you need to prove that your site is secured, by having a secured connection. The Domain Validation certificates don’t display the legal entity, as the identity of the website owner is not checked while issuing them. So, if you have an e-commerce website or a site that collects users’ personal data, you should consider buying our Business Validation (BV) or Extended Validation (EV) certificates, which will make your site more trustworthy.

Copy Link

What is a Wildcard SSL Certificate?

The Wildcard SSL certificate was specifically designed for ensuring the security of your main domain, along with its multiple subdomains. For instance, if your site’s domain is ssldragon.com, then the Wildcard certificate for “*.ssldragon.com” will secure an unlimited number of your first-level subdomains like mail.ssldragon.com, account.ssldragon.com or login.ssldragon.com. By buying this SSL certificate, you don’t need to purchase other certificates for each subdomain. The Wildcard SSL certificate comes in two options: Domain Validation (DV) and Business Validation (BV).

Besides being a convenient way of securing your site, Wildcard SSL certificates are very easy to be managed because the domains will have the same renewal date. This is why you should consider getting Wildcard certificates if you own a complex website, with different subdomains, IP addresses or server storage options. Yet, if you have level 2 subdomains (like test.account.ssldragon.com) or you need an Extended Validation (EV) SSL Certificate, you may have to buy a separate SSL certificate for each domain/subdomain or a UCC/SAN SSL certificate for all of them.

Copy Link

What is an Extended Validated (EV) SSL Certificate?

The Extended Validation (EV) SSL Certificate is the best choice if you want to build customer relationships based on security and trust. This certificate is issued only after the Certificate Authority (CA) performed an extensive verification of your company and its owner, confirming that your business is trustworthy. The validation process can take a few business days. But if you keep your company’s records up to date, the Extended Validation SSL certificate will be issued quickly, confirming that your company owns the website.

This type of SSL certificate significantly enhances the trust level of your website. Extended Validation certificates are highly effective in providing protection against phishing attacks because they make your clients feel safer while performing transactions and this fact will definitely boost your conversions. This is why Extended Validation certificates are considered the most reputable SSL Certificates for your website.

Copy Link

Are there any Wildcard EV SSL Certificates?

Unfortunately, there are no Wildcard EV SSL Certificates on the market. The Certificate Authorities refuse to issue EV Wildcard SSL Certificates because of the security reasons, so as they want to have complete control over the subdomains that they issue an EV SSL to. That is why, your only solution is to buy a Multi-Domain EV SSL Certificate that secures multiple domains and subdomains.

Copy Link