Contact
Knowledgebase: SSL Enrollment Process
SSL Enrollment Process
Posted by Gareth S on 06 November 2012 02:20 PM

What do I need to enroll for an SSL certificate for my webserver?

To enroll for an SSL certificate for your webserver, you need the following:

  • A web server that is capable of running SSL
  • Access to the SSL configuration functions of your webserver (you may need to speak to your webhost if you cannot readily identify where these functions are)
  • A Certificate Signing Request (CSR)

Why does my enrollment form say that my CSR is invalid?

There are a number of common issues that would cause the CSR to be invalid. When you created the CSR, you will have been asked for several pieces of information. If you have received a message informing you that your CSR is invalid, you should:

  1. Check the common name field.

    You may have specified an IP address (e.g. 178.0.1.23) or a server name (e.g. mywebserver) instead of a Fully Qualified Domain Name such as www.mydomain.com or mydomain.com. You must specify a Fully Qualified Domain Name or domain name to enroll for RapidSSL or GeoTrust certificates.

    Make sure you do not have any illegal characters in any of the fields in the CSR. Illegal characters are [! @ # $ % ^ ( ) ~ ? > < & / \ , . " ']
  2. Check the country field.

    If you are located in the United Kingdom, do not specify your country code when generating the CSR as "UK" - it must be "GB".
    Make sure you have included the header and footer of the CSR into the enrollment form. The header and footer will look like:

    ----BEGIN CERTIFICATE REQUEST-----

    encoded data

    -----END CERTIFICATE REQUEST------

    Make sure that there are 5 dashes on each side of Begin and End certificate request. There should also be no trailing spaces in the CSR.

Can I change my CSR during the enrollment process?

Yes, you can change/correct your CSR at a number of stages during the enrollment process. You will be asked in the final steps to confirm ALL details provided during enrollment. Once you have confirmed ALL details, you will no longer be able to change the details of your CSR.

Once your certificate has been issued, you cannot change the common name (e.g. the domain name) of your certificate.

What is the enrollment process?

The enrollment process is online and immediate and includes telephone-based validation. You must have access to a telephone or cell phone to complete the enrollment process in one step - which takes about 5 minutes.

If you do not have access to a telephone when the enrollment is taking place, you can complete the telephone validation at a later time. We will send you an email containing a link for you to be able to complete the process at any time. It is very important that you do not lose this email; doing so will delay the issuance of your certificate. If you do lose the email, please contact support@SSLhelpdesk.com. Please note that until the telephone validation is complete, we will not be able to issue your certificate

I am not based in the US or Europe, will the Phone Authentication still work?

Yes, just remember to select the country code that you are in. If you cannot find your country code in the list provided to you during the enrollment process, you can enter you country code into the "Other Country Code" section of the form.

My country code is listed; do I need to specify anything in "Other Country Code"?

No, if your country code is available in the list provided to you during the enrollment process, you do not need to specify any other country codes – simply specify your telephone number and extension, if necessary.

Why did the telephone validation process tell me that my country's local exchange does not recognize the area code?

Your telephone area code must be in brackets.

What if I have not received any emails from Rapidsslonline.com since I ordered my certificate?

  • Please ensure that you have access to the email addresses used in the ordering process. Also, as we send unique URLs in the issued emails, be sure that your mail server has not separated or quarantined the emails. They will be 
    fromsupport@rapidssl.com, sales@rapidsslonline.com & support@rapidsslonline.com.
    If your spam filter has blocked or deleted emails then you can contact us at
    support@rapidsslonline.com along with your order number.

What if I have not received any emails from RapidSSL.com since enrolling?

  • Please ensure that you have access to the email addresses used in the application process. Also, as we send unique URLs in the issued emails, be sure that your mail server has not separated or quarantined the emails. They will be fromsupport@rapidssl.com.

What if I have not yet received the "Approval" email from RapidSSL.com?

The Approval email will be sent to the authorized domain name owner or controller. When you apply for your certificate, we will attempt to obtain the authorized domain contacts for your domain name. You may then choose to have the approval email sent to either the authorized domain contact or, alternatively, you will be able to choose a generic domain contact, such as:

  • admin@yourdomain.com
  • administrator@yourdomain.com
  • webmaster@yourdomain.com
  • hostmaster@yourdomain.com
  • root@yourdomain.com
  • ssladmin@yourdomain.com

Make sure that you have set up the email addresses chosen at this point in the application; otherwise the approval email will not be delivered. If you need to change the approver email, please contact the support@rapidsslonline.com.

What type of documents will Symantec (formerly) accept as proof of business validity?

Note - Documentation requirements apply to all VeriSign SSL Products.

Symantec (formerly VeriSign) must verify the existence of your business, the ownership of your domain name, and your employment status or authority for requesting the SSL certificate. We may require official government documentation proving your right to do business. These may include:

  • Articles of Incorporation
  • Certificate of Formation
  • Charter Documents
  • Business License
  • Doing Business As
  • Registration of Trade Name
  • Partnership Papers
  • Fictitious Name Statement
  • Vendor/Reseller/Merchant License
  • Merchant certificate

Additional Requirements for SSL Certificates with Extended Validation (EV)

See VeriSign's Extended Validation Authentication requirements: http://www.verisign.com/static/DEV040034.pdf

How do I send documents to Symantec (formerly VeriSign)?

Just scan and attach the necessary documents to an email addressed to support@verisign.com or fax the document(s) to Symantec (formerlyVeriSign) at 1-650-961-8870. Please make sure to include your order number on all correspondences to Symantec.

International Customers:

Europe

Denmark
Fax: +45 43 68 20 93
Email: support@verisign.dk

France
Fax: 0800 90 34 32
Email :support@verisign.fr

Italy
FAX: +39 0 269 430 579
Email: vendite@verisign.it

Spain
Fax: 900 96 1150
Email: soporte@verisign.es

Sweden
Fax: +468 58 7694 21
E-post: support@verisign.se

Switzerland (and all other European Countries)
Fax: 0800 56 2926 or +45 70 30 03 61
E-mail: support@verisign.ch

UK
Fax: 0800 032 2089
E-mail: support@verisign.co.uk

Asia/Pacific

Australia
Fax: +613 9674 5574
Email: support@verisign.com.au

Singapore
Fax: 800 6162 181
Email: support@verisign.com.sg


Comments (0)
© 2012 SSLHelpdesk.com All rights reserved • Privacy PolicyTerms of Service