Certificate Order Page Information

This article will help you manage certificate file downloads, certificate reprocesses, and provide a detailed understanding of both.


Server Bundles

Proper functioning of a server certificate depends on the successful installation of intermediate and root certificates. The complete SSL.com certificate chain typically includes three files:

Certificate Files
Description
SSL.com Root Certification Authority RSA.crt     Root Certificate
SSL.com RSA SSL subCA.crtIntermediate Certificate
your_domain_here.crtSigned Server Certificate

 

Many systems require your certificate files to be in a particular format. Thus, we also provide certificates in server bundles which are compatible with specific server environments.

You will also receive an email from SSL.com containing your server, intermediate and root certificates as individual files any time a certificate order has been issued.


Downloading Certificate Files

Your SSL.com account includes a page with information for each certificate you order. The Certificate Download table on your Order page includes links to server bundles for the most widely used server platforms.

Please locate your desired platform in the Certificate Download table. Click the link to retrieve your most recently issued certificate files, or (if needed) installation instructions:

The server bundles listed in the Certificate Download table includes the most frequently used server environments. However, you can retrieve bundle files for lesser known platforms here.

You’ll notice that the last two links of the certificate download table do NOT explicitly refer to a server platform:

  • Other platforms: Provides a .ZIP file with all the relevant certificates (1 root, 1 intermediate, 1 server certificate)
  • Intermediate certificates (ca chain bundle): Provides a single concatenated file containing 1 intermediate and 1 root certificate file.


Reprocessing Certificates

SSL.com offers the option to reprocess certificate orders as many times as you require, at any time during that certificate’s lifespan and usually at no extra cost.

Reprocessing generates an entirely new certificate for you and is useful if details such as your web hosting environment, domain name or other information changes. Select the “change domain(s)/rekey” link under the Action header at the top of your certificate order page to start the reprocess:

If your hosting environment has changed, or if you’ve lost your Private Key, you can simply generate a new Certificate Signing Request (CSR) using a new key pair. However, if your server environment hasn’t changed you can choose to take advantage of the “use previous CSR” button next to the empty text box:

The certificate status in your account will change once a reprocess has been initiated. You will then need to validate your new certificate request in order to complete the process.


Certificate Information

When a new certificate is issued or reprocessed the details will appear in your Certificate Order page:

General information like server platform, time of issuance, and date are also visible in this section of the page. Information for both the current and any previous certificates is also shown in this section.

The three main items displayed are:

  • Certificate Signing Request (CSR): The encoded message that has been digitally signed by the author of the CSR.
  • Signed Certificate: The issued server certificate which is authorized to secure a specified domain(s).
  • Issued Domains: The host names currently secured by a signed certificate.


Certificate Details

Information such as signature algorithm, validity, and serial number are all displayed within the certificate contents box.

In some cases multiple certificates are issued with the same host name but using different CSRs. The information in the certificate contents box can help to differentiate between certificates with similar host names:

  • Serial number:  The numbering system used by a certificate authority that uniquely identifies an issued certificate.
  • Signature Algorithm: The encoding and digital signing algorithms specified when generating a certificate request.
  • Subject Alternative Name: The extension of the X.509 certificate standard used to protect multiple host names under a single SSL/TLS certificate.
  • Validity (Not Before; Not After): The period of time an SSL/TLS certificate is authorized to operate.

Please contact us if you have any further questions regarding your certificate order. Thanks for choosing SSL.com, where we believe a safer Internet is a better Internet.