FAQs

A CSR is issued immediately. It will be issued to you as soon as you fill in the SSL CSR Generator from above.

Copy Link

Whether you accidentally or purposefully enter some incorrect information while using the CSR generation tool, the CSR and the Private Key will still be issued to you immediately. However, once you use the CSR code to apply for an SSL Certificate, you may or may not be issued an SSL Certificate. It is solely at the Certificate Authority’s discretion to approve or decline your SSL Certificate issuance if you entered incorrect information about you and your company.

If you realize that you entered incorrect information while generating the CSR, you simply have to put aside, ignore or delete your existing CSR and Private Key. After that, you should generate a new CSR code (which will automatically generate a new Private Key too), using correct information about yourself and your company. Use the newer CSR when applying for an SSL Certificate, and then your newer Private Key when installing your SSL Certificate on your website and server.

Copy Link

The CSR contains the following encrypted information: your country, state, city/town, name of the organization, department from your organization, the domain name that you want the SSL Certificate to be issued for, and the email address where your CSR code and the Private Key will be sent to once they are both generated.

Copy Link

A Multi-Domain Wildcard SSL Certificate is specifically created to allow users to secure multiple domains and sub-domains using one single SSL Certificate.

NOTE #1: Any Multi-Domain Wildcard SSL Certificate should start with a non-Wildcard domain. This means that anytime you configure and request a Multi-Domain Wildcard SSL Certificate, you need to generate a CSR (Certificate Signing Request) for a single domain (such as: example.com), without any asterisk sign “*”. This is a requirement that comes from the Certificate Authorities. All the additional SANs (2nd, 3rd, 4th domains) can be Wildcard domains.

For example, a Multi-Domain Wildcard SSL Certificate that has 3 SAN (4 domains) by default, allows you to secure the following:

1. One main domain and multiple Wildcard domains:
   1. example.com – included in the CSR (Certificate Signing Request)
   2. *.example.com
   3. *.mysite.com
   4. *.abcxyz.com
2. One main domain and multiple Wildcard domains (with both, 1st level and 2nd level sub-domains):
   1. example.com – included in the CSR (Certificate Signing Request)
   2. *.example.com
   3. *.mob.example.com
   4. *.mysite.com
3. Several domains and multiple Wildcard domains (with both, 1st level and 2nd level sub-domains):
   1. example.com – included in the CSR (Certificate Signing Request)
   2. *.example.com
   3. mysite.com
   4. *.mob.mysite.com

NOTE #2: If you add a SAN item like *.domain.com, you will protect its unlimited sub-domains but not the main domain. For example, if you want to secure secure two domains and all their sub-domains, you have to configure your SSL in the following format:

1. domain.com – included in the CSR (Certificate Signing Request)
2. *.domain.com
3. mysite.com
4. *.mysite.com

You can add sub-domains to your server and they will be covered by your Wildcard SSL Certificate automatically. You do not need to re-issue your Wildcard SSL Certificate each and every time when you add sub-domains to it. The newly added sub-domains will be automatically covered by your Wildcard SSL Certificate.

Copy Link

The “SSL Certificate” stands for “Security Socket Layers Certificate”. This protocol was created to protect data travelling between two machines through data encryption.

All the information from the Internet is basically transferred from one location to another in the form of HTTP language (Hyper Text Transfer Protocol). But HTTP by itself is unprotected and susceptible to Internet tricksters and thieves. That’s why SSL Certificates were developed to protect the information traveling on the Internet.

You may know about the SSL Certificates by some common things you see in your browser: the padlock, the “HTTPS” on the browser tab (when HTTP is being protected by SSL it inherits the letter “S”).

These are all indications that the website you are using has SSL encryption and its information is secure against cyber attacks.

Copy Link

An SSL certificate warranty is insurance which covers any damage that you may incur as a result of a data breach or hack that was caused due to a flaw in the certificate. The SSL warranties range in value from $5,000 to $1,500,000. This means that the higher value certificates come with more extensive warranties.

Copy Link

Whether you accidentally or purposefully enter some incorrect information during the CSR generation process, the CSR and the Private Key will still be issued to you immediately. However, once you use the CSR code to apply for an SSL Certificate, you may or may not be issued an SSL Certificate. It is solely at the Certificate Authority’s discretion to approve or decline your SSL Certificate issuance if you entered incorrect information about you and your company.

If you found out that the CSR is wrong and you already configured the SSL, please open a ticket with us and provide the correct CSR.

If you realized that you entered incorrect information in the CSR while generating it, you simply have to put aside, ignore or delete your existing CSR and Private Key. After that, you should generate a new CSR code (which will automatically generate a new Private Key too), using correct information about yourself and your company. Use the newer CSR when applying for an SSL Certificate, and then your newer Private Key when installing your SSL Certificate on your website and server.

Copy Link

In some cases, the CAs may require manual verification if your order fails any internal rules of Brand Validation. It takes around 24-48 hours to pass this manual check, and the CA will either issue or reject an order in such cases.

Here are the most common reasons why certificate authorities decide to do the brand validation for some orders:

1. Orders from some countries are reviewed manually more often than others, for example:  South Korea, North Korea, Japan;
2. Restricted countries – Russia (RU), Belarus (BY) (since 2022), Afghanistan (AF), Crimea (Russia), Cote d’Ivoire (CI), Cuba (CU), Eritrea (ER), Guinea (GN), Iraq (IQ), Iran (IR), Democratic People’s Republic of Korea (KP), Liberia (LR), Myanmar (MM), Rwanda (RW), Sudan (SD), Sierra Leone (SL), South Sudan (SS), Syrian Arab Republic (SY), Venezuela (VE), Zimbabwe (ZW) – SSL are NOT issued for these countries: https://sectigo.com/knowledge-base/detail/Banned-Country-List-1527076085907/kA01N000000zFKI and https://knowledge.digicert.com/solution/Embargoed-Countries-and-Regions.html
3. The domain name includes a brand name, such as: facebook-app.com, sony-shop.net, dellshop.com, etc;
4. The domain name may have a hidden brand name. For example, your domain is “sibmama.com”, but the automated validation system may read it as “sIBMama” and flag the “IBM” brand. The certificate authority wants to check such orders manually;
5. The domain name has “stop words”, such as: pay, online, secure, booking, shop, bank, transfer, money, e-payment, payment, protection, violence, terrorists, and others. These words and many others are set as triggering words inside the validation system, and make the certificate authority review such orders manually;
6. Domain name is blacklisted OR has a bad reputation.
   

What you can do to speed up the process?

Please contact Sectigo and Thawte, RapidSSL, GeoTrust, DigiCert directly via live chat and discuss the situation with the CA’s representative.

Please mention your “Partner Order ID” in your message.  You can find your “Partner Order ID” on the details page of your SSL Certificate inside your SSL Dragon account. See the screenshot on the right.

Copy Link

1. Choose the SSL Certificate, then select the period (1, 2, or 3 years) and number of domains (only for Multi-Domain SSL Certificates), and click “Buy Now”;
2. You’ll be redirected to your Shopping Cart, where you need to confirm the period and, for Multi-Domain SSL Certificates, the number of additional domains. Review your Order Summary then click “Continue”;
3. On the Review & Checkout page, you’ll find the “New Customer” fillable form which you need to complete to create your SSL Dragon account. Afterward, insert your Promotional Code (if you have it), any Additional Information (if necessary), select the desired Payment Method,  confirm that you’ve read and accepted our Terms of Service, and click on “Checkout”;
4. You’ll be redirected to your Invoice which you need to pay using your selected Payment Method. Once the payment is done, you will see your order number and additional details on your Order Confirmation page. You will find your SSL Certificate in “My Account” at “SSL Certificates” -> “My SSL Certificates

Copy Link

BV SSL Certificates issued by GeoTrust, Thawte, and DigiCert have a quicker and easier Business Validation process compared to those issued by Sectigo.

With GeoTrust, Thawte, and DigiCert, the Certificate Authority does most of the company validation process all by itself, and in rare cases requires the customers to provide additional information and legal letters signed by a notary, certified public accountant, or an attorney.

On the other side, Sectigo relies a lot on the customer to provide all the information about his/her company, as well as updating the company’s DUNS listing (on the Dun & Bradstreet website) and providing legal letters signed by a notary, a certified public accountant, or an attorney.

You can read what the Business Validation process with these different brands consists of at this link.

Copy Link