Contact us at |support@ssldragon.com

Sectigo PositiveSSL

Ideally for

Blog | Personal Site | Portfolio | Basic domain(s)

Brand

Sectigo

Validation

Domain Validation SSL

Issue time

5 minutes

Server Licensing

Unlimited

Secures

One Domain

With / without "www"

Yes

Supported Browsers

99.3%

Documents

No documents required

Support for SAN (UC)

No

Secure Hash Algorithm

SHA-2

Key Encryption

2048 bit

Certificate Encryption

Up to 256-bit

Site Seal

Static

Refund

25 days

Warranty

$10,000

Sectigo PostiveSSL is the cheapest SSL certificate on the market, but don’t let the price deceive you! This Domain Validation cert comes packed with solid features and the same bulletproof encryption you’d get from a premium product. If you have to secure a personal site or a blog, this budget-friendly certificate is all that you need. It’s also a viable option for portfolio websites and even small business sites. Check its specs below:

Secures 1 Domain – both www and non-www versions

Domain Validation

You don’t need paperwork to get this certificate. Domain Validation is automated. All you have to do is select a verification method of your choice (Email / HTTP Hash / DNS CNAME) and wait for the CA to issue the certificate. The whole process takes around five minutes, with no hassle whatsoever.

High-recognition level

You can install this certificate on almost any server and email client to protect sensitive data. With 99.3% browser compatibility, all your visitors will see the SSL padlock and benefit from industry-standard encryption. Best of all, even old browser versions will trust this certificate and won’t mark your site as not secure.

Unbreakable Encryption

Sectigo PositiveSSL may seem cheap, but the encryption it provides is of the highest quality. No hacker will ever break it down, as it’s simply too strong for human capabilities. The 256-bit encryption coupled with the powerful 2048-bit RSA signature key delivers the ultimate protection to your visitors.

$10,000 Warranty

This DV SSL certificate includes a generous $10.000 warranty against any potential data breaches and mistakes on Sectigo’s part. No need to worry about what goes in the background. Sectigo’s got you covered.

Site Seal

The Sectigo Secure site seal gives another dimension to this affordable certificate. As one of the most trusted and recognizable security indicators, it will improve your reputation and conversion rates when placed in the key areas of your site.

Unlimited server licensing and unlimited reissues

You can re-issue this certificate free of charge an unlimited number of times and use it on as many servers as you need before its expiration date.

21 reviews for Sectigo PositiveSSL

  1. George

    After a thorough research, I haven’t found a cheaper Wildcard certificate

  2. Rhoda

    Ideal for a small website.

  3. Yousuf

    Bought it for my blog. Installed on cPanel without problems.

  4. Hurricane

    Call me paranoid, but I take web security very seriously. I can’t trust free SSL certificates. Seven dollars a year is almost free, but at least PositiveSSL is backed by a warranty.

  5. Youri

    Quick authentication. Can’t comment on the installation because my developer took care of it.

  6. Lennie

    PostiveSSL is perfect for my blog.

  7. Suraj

    The optimal certificate for a presentation website

  8. Mitchell

    Easy to configure for WordPress!

  9. Felton

    Anyone who owns a domain can afford this certificate.

  10. Boyce

    Took me about 15 minutes to buy this cert and install it on my server.

  11. Sandra

    I saw this certificate on a popular health blog I follow and decided to add it to my website☺

  12. Lucian

    Great option for a small, personal website!

  13. Lurker

    I don’t trust free SSL certificates, so I bought this cert for my site. It’s so cheap it feels like it’s free.

  14. Mark

    Excellent cert

  15. Maggie

    Great choice!

  16. KYLE

    AWESOME CERTIFICATE! WORKED PERFECT

  17. Amir

    I bought a bunch of Comodo PositiveSSL for my websites to get rid of the ‘not secure’ tag that browsers started to show on my sites. The certificates worked flawless, and my sites look great now. Thanks guys!

  18. Todd

    The only SSL Certificate personal websites will ever need. Why spend more on other certs, if this one offers the same encryption levels. Everything else is just a bonus.

  19. angelina

    turned out to be easy to configure and validate. installed on my blog and got rid of the not secure sign. thanks!

  20. Brad

    read about ssldragon on quora. the article recommended this ssl for a small website, so I bought the 2-year option for $14.59. seems like a good choice.

  21. James

    got this comodo positivessl for my blog. was issued very quickly and my developer installed it on the same day.

Add a review

Your email address will not be published.

Here is a list with the most common questions our customers have when buying One Domain SSL Certificates with Domain Validation:

What are Multi-Year SSL Subscription Plans?

Starting with August 19th, 2020, the maximum duration of publicly-trusted SSL/TLS certificates issued by all Certificate Authorities (CAs) has been set to a maximum of 13 months.

However, in order to make your SSL Management process time-saving and cost-effective, the CAs and SSL Dragon are offering you the 2 Year and 3 Year SSL Subscription Plans.

This means that you can still buy a 2 or 3 year SSL Certificate and continue to benefit from multi-year discounting, while still remaining compliant with the CAB Forum SSL requirements.

How the Multi-Year SSL works?

Due to security reasons, your SSL certificate is initially issued with a maximum 1-year validity.

30 days before the expiration of your certificate, SSL Dragon, on behalf of the CA, will notify you and ask you to reissue your SSL, in order to get the additional (replacement) 1-year certificate, according to your Subscription Plan.

This FAQ explains to you how to reissue your SSL Certificate, step by step.

You will need to validate & install the replacement SSL:

a. If you have a Domain Validation SSL Certificate, a short verification of your domain name will be required via Email, HTTP, or DNS in order to issue the 1-yr replacement SSL.

b. If you have a Business or Extended SSL Certificate – an additional Business Validation/Extended Validation recheck and callback process will also be required.

You can still reissue your certificate at any time and as many times as you like during your Multi-Year SSL Subscription Plan.

On your SSL Certificate’s page within the SSL Dragon account, you will find all the details regarding your Subscription Plan:

  • Valid From – Shows the date when your SSL was issued and became active
  • Expires – Shows the date when your SSL expires and needs to be reissued (not Renewed).
  • Subscription Starts – The date when the first SSL was issued and the subscription period activated
  • Subscription Ends – The date when the subscription ends and SSL needs to be Renewed (not Reissued)
  • Next Reissue – shows the number of days left of your SSL. The Certificate should be reissued 30-days prior to this date.

The Domain Validation (DV) SSL certificate is the most affordable choice for increasing the security of your blog, personal or small business website. Since there is no required paperwork, the process of acquiring the Domain Validation certificate is very quick and easy: you will have to prove that you are the domain owner just by responding to an automatic e-mail message. After a couple of minutes, you will receive the issued SSL certificate which can be installed immediately. Sites with Domain Validation certification can be identified by the padlock that is displayed by most web browsers.

This type of SSL certificates is recommended to be used if you need to prove that your site is secured, by having a secured connection. The Domain Validation certificates don’t display the legal entity, as the identity of the website owner is not checked while issuing them. So, if you have an e-commerce website or a site that collects users’ personal data, you should consider buying our Business Validation (BV) or Extended Validation (EV) certificates, which will make your site more trustworthy.

When requesting an SSL Certificate you have to prove that you own or you have management rights over the domain or sub-domain that you are requesting an SSL Certificate for.

STEP 1: Domain Validation (DV)

A. EMAIL

If you have an SSL Certificate issued by Sectigo, GoGetSSL, GeoTrust, Thawte, DigiCert, and RapidSSL, then you can complete the domain validation is by responding to an automated domain validation message sent to your email address. You will be given a list of emails to choose from, and the automated domain validation message will be sent to the email address that you choose.

Always check your email address (including your Spam folder) so as you should receive an email message from the Certificate Authority with instructions on how to validate (prove the ownership of) your domain name. The email message will ask you to copy a unique code and paste it on a specific link provided in the same email message.

Important: Only 5 e-mail addresses are allowed for domain validation: [email protected], [email protected], [email protected], [email protected], and [email protected]
In some cases, the Certificate Authority may allow your administrative e-mail from WHOIS, too, but ONLY IF the Private registration is disabled.

B. HTTP / HTTPS method

The HTTP validation consists of uploading a TXT validation file to a pre-defined location on your website. You have to make sure that you can access this file and link from any web browser. Once you proceed with this domain validation method, the CA will run a scan of your website and will look particularly for this file at the given link. Your SSL Certificate will pass the domain validation within a few minutes after the CA’s crawler system finds the TXT file on your website.

The HTTPS validation method is the same validation method as described above. You should choose the HTTPS option if you already have an SSL Certificate installed on your website.

C. DNS method

You can also add a pre-defined domain record to your domain registrar (the website where you registered your domain name). Make sure that your firewall doesn’t block the CA’s validation robot.

Sectigo and GoGetSSL require CNAME DNS type, which looks like:

_b2013ea8353c9760c0221c49dc3e8ca7.yourwebsite.com CNAME
165b83449f4fdf83021de4e6f6ee795a.4ae75dbefe3r7bb8a1878616d8b5ae4.5r4r46855d28f6903.comodoca.com

while DigiCert (Thawte, GeoTrust, RapidSSL) require TXT DNS type, which looks like:

yourwebsite.com TXT “w34f54t4t45t354eer98rn4jf4449nfrf”

or

dnsauth.yourwebsite.com TXT “w34f54t4t45t354eer98rn4jf4449nfrf”

Please note that newly added DNS records take between 10-48 minutes to propagate. This means that you will have to wait up to 48 hours to pass the domain validation if you go with this method. That is why we recommend the Email, HTTP, and HTTPS methods better because they would allow you to pass the domain validation instantly.

STEP 2: CAA Check

As of 8th September 2017, all Certificate Authorities (CAs) are obliged to respect your CAA policy, as a security measure.

The CAA record should allow the CA to issue the SSL for your domain name, otherwise, the order would be set as Pending until you update the record.

By default, if no CAA record found, any CA may issue SSL for your domain name. Otherwise, you should update your CAA record.

Here is how to do it:
– https://support.sectigo.com/Com_KnowledgeDetailPage?Id=kA01N000000zFMO
– https://docs.digicert.com/manage-certificates/dns-caa-resource-record-check/

Here is how to test the record:
– https://toolbox.googleapps.com/apps/dig/#CAA/
– https://caatest.co.uk/scan.org.ua

Optional (Rare) – Brand Validation (Manual Check)

In some cases, the CAs may require manual verification if your order fails any internal rules of Brand Validation.

It takes around 24-48 hours to pass this manual check, and the CA will either issue or reject an order in such cases.

Here are the reasons why your order is under Brand Validation.


How to change the domain validation method?

If you chose one of these domain validation methods described above, and you see that your domain doesn’t get validated, then you can always change your domain validation method. Please go to this link to learn how to do that.

In order to buy a Domain Validated certificate, you do not need to provide any documentation. You will have to confirm the domain ownership through a simple email or file-based authentication. Following completion of one of these elements, the DV certificate will be signed and released to you.

There are many different ways to install an SSL Certificate, and they all depend on your SSL Certificate brand, the webserver type, the operating system on your server, and the web hosting panel that you have on your server.

These being said, please check our Installation Articles to get detailed instructions on how to install your SSL Certificate on about 44 different server types, hosting panels, and operating systems.

Also, here are links to documentation on how to install your SSL Certificate on your server, based on the SSL Certificate brand that you have:
Sectigo
Thawte/RapidSSL/GeoTrust/DigiCert
GoGetSSL

We always recommend you get specialized help with your SSL Certificate installation. If you have a web developer or a system engineer, then they would be the right people to help you with your SSL Certificate installation.

Browser Compatibility

Chrome
IE
Firefox
Opera
Safari
Netscape
AOL
Camino
Konqueror

Server Platforms And Mobile Browser Compatibility

Server Platforms:
  • BEA Weblogic
  • IBM HTTP Server
  • Microsoft ISA
  • Microsoft IIS
  • Microsoft SQL Server 2005
  • Microsoft Live Communication
  • Apache
  • BEA Weblogic
  • Lotus Domino
  • OpenLDAP
  • C2Net Stronghold
  • Plesk
  • WebSTAR
  • Webmin
  • Java Web Server (Javasoft / Sun)
  • Ensim Control Panel
  • cPanel / Web Host Manager
  • Hsphere
  • C2Net Stronghold
  • iPlanet Server / Sun One
  • Java Web Server (Javasoft / Sun)
  • Lotus Domino
  • Tomcat
  • Netscape Enterprise Server
  • Novell ConsoleOne
  • Novel Webserver
  • C2Net Stronghold
  • And other SSL-Capable Servers
Mobile Browsers:
  • Android
  • Apple iPhone, iPod Safari 1+
  • Microsoft Windows Mobile 5/6*
  • Opera Mobile 6+
  • Opera Mini v3+
  • ACCESS NetFront Browser v3.4 +
  • RIM Blackberry v4.2.1 +
  • KDDI Openwave v6.2.0.12 +
  • Netscape Communicator 4.51+
  • NTT / DoCoMo
  • Nintendo Wii
  • Sony Playstation 3
  • Sony Playstation Portable

Need help securing your website? Have questions, or unsure which SSL to choose? Let our fearless dragons help you! Follow the following steps towards getting the type of help that you need.

1. Use our Wizard and find the SSL Certificate that suits you best;

2. Find your answers on our Frequently Asked Questions page;

3. Open a Ticket with our Sales, Billing and Technical Support dragons. We will answer your ticket as soon as possible. We work Monday through Saturday, from 9 AM to 11:00 PM Pacific Time;

4. Email us using our Contact Form.

Duration Price You Save
1 year £7.38
2 years £13.12
3 years £18.86
Site seal:site-seal

Order Steps

1
  • Click "Buy Now"
  • Create/Access your account
  • Submit payment
READ MORE
2
Configure the certificate in your account
READ MORE
3
Pass validation & receive your SSL Certificate
READ MORE
Go to Top