Ordering and Retrieving SSL/TLS Certificates

This how-to will walk you through the process of ordering and retrieving an SSL/TLS server certificate from SSL.com.

For the convenience of our customers, SSL.com now also offers the popular ACME protocol for SSL/TLS certificate ordering and automation. Please read this blog post for more information.

Ordering and Domain Validation (DV)

Note: Domain Validation is required when ordering any SSL/TLS server certificate. SSL.com customers should follow the DV procedure below as well as the extra validation steps required when procuring OV/IV (Organization/Invividual Validated) or EV (Extended Validation) Certificates.
  1. Choose an SSL/TLS type from the SSL.com website menu. To compare features, check the SSL Certificates Comparison page.
    choose a certificate type
  2. Click the Buy Now! button.
    Buy Now!
  3. Select a duration for your certificate order, then click the Add to Cart button. Note that even though the maximum lifespan of any SSL/TLS certificate is 398 days, SSL.com customers can save money by ordering certificate bundles of up to five years. For orders exceeding one year, we issue free replacement certificates upon expiration and re-validation of site ownership throughout the duration of the certificate order.
    select duration and add to cart
  4. In the shopping cart, you can change the quantity of SSL certificates, remove them from your cart, or return to shopping with the Shop More button. When your order is complete and correct, click Checkout.
    Shopping cart
  5. If you are not already logged into your SSL.com account or do not have an account yet, you will be prompted to login or create a new account at the Checkout screen. If you have an account, select I do and I want to log in now, enter your username and password, then click Next >>.Login
  6. If you do not have an SSL.com account, select I do NOT but I want to create one, fill in the requested information (username, email address, password, and billing information), then click Next >>.
    Create account
  7. If your account contains existing funds, they will be applied to your purchase. If your account does not contain sufficient funds, you will be prompted to add more. Click Next >> when your account has sufficient funds to complete the transaction.
    Apply existing account funds
  8. If your order has been successfully placed, you will see a green bar near the top of the browser window, reading “Order successfully placed. Click here to finish processing your ssl.com certificates.” Click the link.
    Click here to finish processing your ssl.com certificates
  9. On the screen that opens, find your certificate order and then click the submit csr link, located in the Action column.
    Submit CSR
  10. At this point, you will need to submit a Certificate Signing Request (CSR) for the server that will be utilizing the new SSL/TLS certificate. It is always best to generate your CSR and key pair on the web server where you will install the certificate. A list of links to instructions for CSR generation on various platforms (IIS, cPanel, Plesk, and others) can be found in this FAQ.
  11. Fill in the necessary fields to submit your CSR, then click Next >>. A complete guide to CSR submission can be found in our article, Your SSL.com Account – Submitting a CSR.
    Submit CSR
  12. On the next screen, enter your company details, then click Next >>. Note that if you are ordering an EV or OV certificate you can enter your company’s Dun & Bradstreet number (also known as a D-U-N-S or Duns number) here to expedite validation. (Please make sure that your company information in Dun & Bradstreet is correct and up-to-date before using this option.)
    Enter company information
  13. On the next screen, click + Create Contact and then fill in the on-screen form and click Create to add a contact to the order. You must create at least one contact for the certificate, but you can also add more if desired.

    Enter contact information
  14. When you are finished adding contacts, click Next >>.
  15. Next, select a method for domain validation. You can validate your control of the domain via email, by adding a CSR hash file to your website, or by creating a DNS record. See our article, What Are The Requirements for SSL.com SSL/TLS Certificate Domain Validation? for complete details on these different methods.
    Domain Validation
    Email validation is simple and straightforward. To validate via email, you will need to have control of one of the authorized email addresses for domain validation:
    • webmaster@
    • hostmaster@
    • postmaster@
    • administrator@
    • admin@
    • Domain contacts (domain name registrant, technical contact, or administrative contact) listed in the base domain’s WHOIS record.

    When you have selected a validation method for the domain names the certificate will cover, click Validate, then OK in the confirmation dialog box that pops up.

  16. If you chose email validation, you will receive an email message with a 20-character validation code. Copy and paste the code into the input field, then click Submit. If you chose another method, continue with the instructions for that method.
    Enter validation code
  17. If everything has been done correctly up to this point, your domain has been validated and your certificate is ready for download.
    Note: When your certificate is issued, you will also receive an email message with a full certificate chain attached, including your server certificate, SSL.com intermediate, and SSL.com and Certum roots.
    Domains validated
  18. Click the Orders tab, then the download link (located in the Action column).
    Download certificate
  19. Click the download link specific to your platform to download your certificate files.
    Download links
  20. After downloading, install the certificate following the installation instructions specific to your platform.

EV and High Assurance (OV/IV) Document Submission and Validation

OV SSL/TLS orders with a recently completed or stored validation will now be automatically issued once the organization validation is complete. An OV certificate will be issued immediately if the order is using a previously validated domain and organization identity.

In the case of certificates using a stored validation, no domain validated placeholder certificate will be issued as with new OV SSL certificate orders that do not have a stored organization identity. Only the OV certificate will be issued when a stored organization identity is used.

The steps in the preceding section will result in the immediate issuance of a Domain Validated (DV) SSL/TLS certificate. If you ordered a High Assurance (OV/IV) or Extended Validation (EV) SSL/TLS certificate, please follow the steps below to submit the required documentation for your final High Assurance or EV Certificate.

  1. Locate your certificate order in the Orders tab of your SSL.com customer account, and click the documents link.
    documents link
  2. Click Upload Document(s).
    Upload Documents
  3. On the next screen you can upload up to five documents providing required information for your certificate order.
    Upload DocumentsThe required information differs based on the entity to be validated and the type of certificate being ordered:
    • The required documents for SSL.com’s High Assurance (OV/IV) SSL/TLS certificates vary depending on whether the certificate is to be issued to an individual person or a business or other organization. You may submit OV/IV information for High Assurance SSL, Wildcard SSL, and Multi-Domain UCC/SAN SSL orders.
    • EV SSL/TLS certificates have a different set of required documentation, and may only be issued to registered businesses or other organizations, not to individuals. EV documentation is required for Enterprise EV and Enterprise EV UCC/SAN (multi-domain) certificates.

    Use the clickable tabs below to view a document checklist that applies to your order:

    Business or Organization (OV)Individual Person (IV)EV SSL/TLS

    To validate the identity of a business or other organization, please provide the following:

    • A link to a Reliable Data Source including the organization’s name, address, and telephone number. Acceptable examples include:
      • A link to a government agency in the jurisdiction of the Applicant’s legal creation, existence, or recognition.
      • A link verifying your information in a third party database that is periodically updated and considered a Reliable Data Source. Examples include:

    In most cases, businesses and organizations will not need to upload documents to their order, but can simply provide a URL to SSL.com support staff. You can submit your link via an email to Support@SSL.com, or by using the chat link in the lower right corner of the SSL.com website.

    In some cases, SSL.com may request additional supporting documents before issuing a certificate.

    To validate an individual person’s identity, please provide the following:

    • A scan of the front of a valid, government-issued photo ID card or passport ID page. The ID number may be obscured, but we must be able to see your name, address, year of birth, and photograph.
    • A scan of the back of the government-issued ID card or passport ID page.
    • A photograph of of yourself holding the government-issued ID next to your face so that your face may be compared with the image on the ID. The photograph should be at least 5 megapixels (MP) – most current smartphones can provide an image of 5MP or greater.

    In some cases, SSL.com may request additional supporting documents before issuing a certificate.

    To validate the identity of a business or other organization, for EV SSL/TLS, please provide the following:

    In some cases, SSL.com may request additional supporting documents before issuing a certificate.

  4. Use the Browse… button to select files for uploading. When you are finished selecting files, click the Submit button.
    Browse for files and submit them.
  5. After submitting your documents, please contact our support staff at Support@SSL.com, or by clicking the chat link on the SSL.com website.
  6. OV certificates require you to initiate a callback step to validate your business or other organization’s phone number. Please follow the steps shown in Callbacks for OV Certificates to complete OV validation. Callbacks for EV certificates are also required, but they will be manually initiated by SSL.com
  7. When all steps have been completed and your documentation has been validated by SSL.com, you will recieve an email including the certificate, and you will also be able to access it via the download links in your certificate order.
    download links

Video: Validation Requirements for OV, IV, and EV Certificates

Thank you for choosing SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.

Subscribe To SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.