Ordering of an SSL Certificate may turn to be a very simple or a very complex process. Simplicity of the the process can be achieved by preparing WHOIS records and company verification documents. Process of ordering an SSL-certificate consists of the following:
- Prepare your server and update your WHOIS-record
- Generate a CSR on the server
- Send the CSR, and other information to the CA.
- Complete the company’s and the domain’s checks
- Obtain and install the issued certificate
What are basic requirements before purchasing of the SSL-certificate?
Separate IP-address. For each SSL-certificate you will need a separate IP-address. It is the requirement of SSL-Protocol.
If you have a lot of sub-domains linked to a single IP-address, then in that case you can protect them with a Wildcard SSL-Certificate. If you have a lot of different domain names on a single IP-address, then in that case you can protect all of them with the UC certificate. In order to be able to do this you will need to configure SSL Host Headers.
CSR-request. CSR-request is the text file that should to be generated on your server before receiving SSL-certificate. CA will use the information contained in the CSR (company name, public key, domain name, etc.), to create a SSL-certificate.
Relevant information in the WHOIS record. When purchasing a certificate for specific domain name, CA have to ensure that you are the owner the domain name for which you are requesting to issue the certificate. This is done by using the WHOIS records (ownership rights, as well as the contact information associated with each domain), which must match the name and address of the company, specified in the certificate order. Some CAs also require a telephone verification call on a number listed in the WHOIS record. In addition CAs will send an e-mail to the e-mail address, specified in the WHOIS, to ensure that the owner of the domain have the correct information.
Company / organization verification documents. If you would like to obtain a high-assurance certificate, then your business must be verified. Certification Authority will review the government’s online databases, to make sure that the company is officially registered. However, you are still required to send in the official registration document of the company, in case if CA will not be able to verify ownership of online business. Each CA have its own requirements for validation.
What is the certificate issuance time frame?
The time frame of obtaining the certificate depends on the type of certificate you have chosen, as well as service provider you are working with. If you would like to purchase a certificate with a domain validation, then you will receive certificate within a few minutes. If you would like to get a certificate with an organization validation, then the issuance may take any time between an hour to few days after you send in all required documentation. If you would like to get a certificate with Extended Validation (EV), then you will have to wait any time between a few days to a few weeks.