ComodoSSLStore Loading
Content

Order Online or Call (727) 388-4240

They Trust Our Solutions
PLATINUM PARTNER

SSL Renewals FAQS

SSL Renewals has been around for quite some time now, and with our age has come wisdom of the Industry. Together our team has formulated more than a hundred answers to the typical questions our customers ask either prior to purchase, during validation, and after issuance.

What is SSL?

SSL is an abbreviation of Secure Sockets Layer. It's one of the technologies, which is used to establish a secured encrypted link between a browser & a web server. It's used to secure confidential data such as credit card numbers, passwords, user id, e-mail address etc. There are a number of ways to determine whether your website is secured or not. For example, "https" and the padlock icon you can see on the bar of the browser, you'll also get a site seal to go with your certificate, & if the website is using the premium certificate you will even get the green bar wrapped around the URL.

Hide

What is a Domain Validated (DV) SSL Certificate?

A Domain Validated (DV) Certificate is the easiest and simplest validation style, these types of certificates will allow you to get your site protected in just minutes. As the name states, the Vendor will verify that you've got ownership of the domain that you're wanting to protect. Well it does get the job done, we only recommended this option for websites who are wanting to get their site protected quickly and that don't are just wanting a certificate that will get the job done.

Hide

What is an Organization Validated (OV) SSL Certificate?

An Organization Validated (OV) Certificate is the next step up from a Domain Validated (DV) Certificate. With an Organization Validated Certificate the Certificate Authority (CA) will verify that the certificate is going to be issued out to a valid business or organization. The weight carried by an Organization Validated Certificate is heftier than that of the Domain Validated because visitors will know that the site they're browsing is ran by a recognized company in the location they operate.

Hide

What is an Extended Validation (EV) SSL Certificate?

An Extended Validation (EV) SSL Certificate is the top dog when it's compared to both Domain Validated and Organization Validated. With an Extended Validation Certificate the browser will showcase a "Green Bar" which will make the site stand out when compared to other competitors, and at the same time put the site in the same family such as PayPal and Twitter. The Extended Validation Certificate carries the most weight due to the vigorous verification process that the business goes through to prior to being issued the certificate.

Hide

How to get Green Address Bar for the website?

There's only one way to get a green address bar on your website, and for that you'll have to go with the Extended Validation (EV) type of SSL certificate.

Hide

Can I qualify for an EV certificate?

To get qualified for the EV certificate it's mandatory that your business is officially registered company by the government.

Note: Sole Partnership and Sole Proprietor registered company of U.K., cannot be qualified for any type of EV SSL certificate.

Hide

What certificates offer www and non-www coverage?

All certificates offered by Symantec, Thawte, GeoTrust, and RapidSSL will provide coverage for both www and non-www.

Hide

What is a Wildcard SSL certificate?

A Wildcard SSL Certificate will provide coverage for your domain (www.yourdomain.com), while at the same time providing coverage for unlimited subdomains such as mail.yourdomain.com, dev.yourdomain.com.

Hide

What is a Multi-domain or SAN certificate?

The certificate title says it all, a Multi-Domain (referred to as SAN) Certificate will allow you to extend your coverage across both other domains, and subdomains with just one certificate. Depending on your chosen brand you might have a limit on the amount of domains/subdomains you can cover, for example both Symantec and Thawte Multi-Domain Certificates will only allow up to 25 domains in a single certificate

Hide

What is the difference between Wildcard and SAN/Multi-Domain functionality?

The main difference between the two is that a Wildcard SSL Certificates will provide coverage for one domain name (www.yourdomain.com) and an unlimited number of subdomains for that domain (login.yourdomain.com, dev.yourdomain.com, mail.yourdomain.com). As for a Multi-Domain (SAN) SSL Certificate, you're given the option to cover both multiple domains and subdomains in a single certificate (www.yourdomain.com, www.yourdomain.net, login.yourdomain.com).

Hide

How can I use 256-bit encryption?

To use 256-bit encryption you'll have to edit the configuration for the hosting platform you're using, there's no involvement on the certificate side. To know more about how to set this, you'll have to get in contact with your hosting provider.

Hide

What is the difference between 1024- and 2048-bit key lengths?

The difference between 1024-bit and 2048-bit is the encoding strength of the Private Key. At the moment 1024-bit is becoming easier to decode which is why we recommend generating your Private Key in the 2048-bit length.

Hide

What is the difference between SHA-1 and SHA-2?

SHA (Signature Hashing Algorithm), is a type of cryptographic function which is like a proof for the authenticity of the certificate. SHA-1 & SHA-2 are the two different versions of which SHA-1 is older one and outdated. SHA-1 is not trusted these days by major web browsers or the experts, whereas SHA-2 is the latest version these days. Whether it's regarding to experts or web-browsers.

Hide

I'm a Sole Proprietor; can I still qualify for an OV/EV certificate?

If the Sole Proprietors are not from the U.K. they can get qualified for both OV & EV certificates. Though Sole Proprietors of the U.K. cannot be qualified for EV certificates & for OV certificate they have to provide some additional documents.

Hide

What is a Certificate Authority and what is your relationship to them?

A Certificate Authority (CA) is the issuer of SSL Certificates, GeoTrust, RapidSSL, Thawte and Symantec are all considered to be a CA. SSL Renewals falls into the equation as we're a platinum partner reseller of GeoTrust, RapidSSL, Thawte and Symantec. By being a platinum partner we're able to extend the same offerings as the Vendor, but at a lower cost and guidance throughout the entire SSL process.

Hide

Which SSL brands are most trusted & secure?

All the Certificate Authorities (CAs) that we carry are leaders of the Industry and will be trusted world-wide. Symantec is the largest CA in the world and offers the Norton Trust Seal which is the most recognizable symbol across the web when it comes to trust and security. Both the Norton name and Symantec name carry the most weight in the Industry and is unparalleled by any other CA.

Hide

Can I see which Certification Authorities have their own Trusted CA root present in browsers?

Yes, all of the Certificate Authorities (CAs) that we offer on our site have their root included with 99% of all browsers and mobile devices.

Hide

What is the SSL certificate warranty?

The warranty that is offered with your SSL certificate is coverage in case of any damage that is caused by any data breach or hack that is caused by any flaw in the certificate. As you move up the chain of validation types (DV, OV, and EV) your protection will increase to be more in line with the validation type.

Hide

What is browser ubiquity or browser recognition?

Browser recognition or ubiquity is one of the terms which can be used to describe that how many browsers are able to recognize & trust an SSL certificate. So you can say, if the browser ubiquity is higher of an SSL certificate then more browsers will be able to accept and recognize it.

Hide

How long are your SSL certificates valid for?

It depends on which SSL certificate you are choosing, usually our certificates comes with 2 to 4 years of validation. As per the Certificate Authority / Browser (CA/B) Forum, an EV certificate comes with maximum of 2 years. OV and DV certificates of GeoTrust, Thawte, Symantec & RapidSSL are issued maximum for 3 years.

All certificates that we sell are capable of being purchased in increments ranging from 1 year up to the maximum amount of 3 years. However as per the guidelines set by the Certificate Authority / Browser (CA/B) Forum, an Extended Validation Certificate can only be issued out with the maximum amount of time of 2 years.

Hide

What is an Intermediate certificate?

An Intermediate certificate is a file which helps the web browser to recognize who has issued the SSL certificate. It's not mandatory to have it, but it's advisable to install it along with your SSL certificate to enjoy the full compatibility among more browsers and mobile devices.

Hide

Where do I get my Intermediate certificate?

An intermediate certificate is generally sent with your certificate via email once it's issued. Another option is that you can directly download from the website of the vendor, which is useful when you don't receive in an email. It is referred to as "CA Bundle." One thing to note is that some of the certificates may have more than one intermediate certificate.

Here are some of the links, which you can use to download your intermediate certificate from the website of the vendor –

Hide

Can I use SSL to cover an internal domain?

Yes, SSL can be used to cover an internal domain, but it has to be an official registered domain (FQDN which is publicly available). The Certificate won't be issued if it's not a registered domain.

Hide

What if I can only use one certificate file?

If the hosting platform you are using or the company says you can only go for one certificate file, then another option is that you can combine your server certificate with the intermediate file into one file.

Hide

What is the difference between 128- and 256-bit security?

The difference is of key lengths which are used after an SSL connection has been made in the browser. Though 256-bit security key is bigger, but it's similar to 128-bit key when it comes to level of security. The reason behind using 256-bit key is only if it's mandatory by the policy of your company or industry.

Hide

How many domains can I secure with a Multi-Domain SSL Certificate?

It depends on the type of Multi-Domain SSL certificate you buy. If you go for Thawte or Symantec they give coverage of 25 additional domains & GeoTrust Multi-Domain certificates can provide coverage from 4 to 100 additional ones.

Hide

What is a UC Certificate (UCC)?

Unified Communications (UC) is a new type of SSL certificate which is designed especially for Microsoft products like Microsoft Exchange 2007 & Microsoft Office Communications Server 2007. The biggest difference between a UCC SSL and a standard Multi-Domain certificate is that UCC offers security for both internal networks as well as external domain names.

Hide

What is a Multi-Domain Wildcard SSL?

It's one of the certificates which offers security for both multiple domains and their related sub-domains.

Hide

What should I do with my private key?

Its name says it all, it should remain confidential. Apart from you only hosting company is the one who can know your private key & that also if they ask for it. It should not be deleted as it's mandatory to make your certificate work.

Hide

What should I do to expedite the validation of my order?

If you're looking towards getting your certificate urgently, you can get in contact with us with the details of your order with your request, and we'll work with you on getting it expedited for you.

Hide

How do I know what my Control Panel/Server OS is?

If you are not aware about your Control Panel/Server, it's advisable to contact your IT department or your web hosting service provider to get this information.

Hide

Can I switch my method of Domain Control validation from Email to File, or vice versa?

If you want to change the method of Domain Control validation from file-based to email-based, you can do that with any of the SSL certificates we offer.

Hide

If I buy a Domain Validated (DV) SSL Certificate, which document(s) do I need to provide?

There's no need to provide any specific documents to purchase your Domain Validated (DV) certificate. What you all have to do is provide a confirmation through an email or by a simple file-based authentication that proves you own the domain for which you want the coverage for.

Hide

If I buy an Organization Validated (OV) SSL Certificate, which document(s) do I need to provide?

In order to purchase Organization Validated (OV) certificate you have to provide the information regarding your business registration. If the online verification is possible by Certificate Authority (CA) then there won't be any need for addition documents. If the online files are not correct or something is missing, then they will ask for the government based registered documents, which differently depends on the case. The Vendor will also attempt to search for a 3rd party telephone listing related to the domain to complete the telephone verification.

Hide

If I buy an Extended Validation (EV) SSL Certificate, which document(s) do I need to provide?

Exended Validation certificates have a more strict verification process compared to OV certificates. You'll first want to review the process for getting an OV certificate verification. It's true that EV certificates ask for some extra steps which includes physical as well as operational existence & apart from that a telephone call has to be made directly to Certificate Authority (CA).

Hide

If I buy a Code Signing Certificate, which document(s) do I need to provide?

In this you will get two different types of validation methods. You can go for a certificate individually or you can even go as an organization. If you are applying as an organization name, it's better you check all the OV requirements which are mentioned in the above question. If you go as an individual developer, the simple procedure of completing a form to do your identity verification will be asked by the Certificate Authority (CA). Apart from that, it has to be notarized by an advocate, CPA or any public notary. Additionally you have to give a scanned government issued ID and additional documents can also be required depending upon the CA.

Hide

I haven't received my Domain Control Validation email (DCV) yet. What should I do?

Some of the reasons which can be possible that you didn't receive your Domain Validation email are like you might have not done the proper verification of the Domain Control Validation email (Note: this email address is different from the contact information given during the process of registration.) Or else if you want to change your DCV email address, you can go for email which is given on Whois registration for the domain you want to or else you can even go for the pre-approved 5 email addresses which are given below -

  • Admin@domain.com
  • Administrator@domain.com
  • Hostmaster@domain.com
  • Postmaster@domain.com
  • Webmaster@domain.com

Apart from that, do not forget to check for Spam or Junk folder of the provided email address.

I would like to change my certificate's common name. The only way possible to change the common name is to cancel and reorder the certificate again. Please note that you can do this only within the first thirty (30) days of purchase.

Hide

My File Authentication file has been uploaded to the wrong directory. What should I do?

It is mandatory to upload the file in the correct directory. In order to check whether the authorization is successful or not, you have to check that file is viewable from at both the end i.e., yourdomain.com/file & subdomain.yourdomain.com/file.

Hide

How can I reschedule the phone verification call?

For the rescheduling of the verification call, you have to get in contact with us and inform us of your availability so we can get in contact with the Vendor regarding scheduling the call. . Note that, all telephone numbers are accepted. The number you are providing should be verified by the Certificate Authority (CA). So, it is good enough to confirm the number on which the call of CA will be received.

Hide

My verified phone number is outdated, what should I do?

It's mandatory that you get in contact with us regarding your telephone number so we can askwhere Certificate Authority (CA) has found the phone number from and then ask for the proper method to update the correct number or else a new listing. Your provider will be able to provide you proper guidance on how to make a correct listing.

Hide

How long will validation take?

It all depends upon the type of certificate you have chosen to buy and your response time also matters. Though whatever type of certificate you go for, it is for sure that the Certificate Authority (CA) will contact you directly and thereafter as per your response further steps will be taken. If you go for Domain Validated (DV) certificates, it can be issued anywhere within few minutes to one business day. If you look at Organization Validated (OV) certificate, it takes around 1 – 3 business days and lastly, if you go for Extended Validation (EV) certificates, it takes anywhere between 1 – 5 business days for the issuance.

Hide

Who do I send a validation document to?

If for some reason the Vendor isn't able to verify the information entered during the generation process they'll get in contact with the Administrator contact request the documents. You can directly attach the documents to that email, or if there's any issues or questions about the document you can get in touch with us directly and we'll explain the alternatives to you.

Hide

Why is my order showing Failed Security Review? What does that mean?

On a rare occasion you might find that your certificate is marked as "Failed Security Review", this is a status which the Certificate Authorities (CA) systems scan for keywords relating to bigger companies. Often the flag is a false positive and will be reviewed within twenty-four hours

Hide

I completed validation, but never received the certificate. What should I do?

After the completion of the validation process, you will receive the certificate from the Certificate Authority through email. It's the same email address which you have given as a technical contact. For some reason, if you did not receive it you can login to the client portal and download the certificate from the order detail page.

Hide

Can I use the email address listed in the Whois to complete Domain Control Verification (DCV)?

Of course you can, whether it's DV, EV or OV certificates, it doesn't matter.

Hide

I cannot remember or have lost my login details.

If you don't recall your login details you can attempt to do a password reset request at the following link -> https://www.sslrenewals.com/forgotpassword.aspx . If you don't remember the email address you signed up with please get in contact with us and we'll work on getting your account all situated.

Hide

I have accidentally deleted my "private key" what can I do now?

Not to worry! You can generate a new certificate signing request (CSR) which will also generate a new private key and perform a reissue of the certificate. To go through the reissue process you'll want to login to your account and go into the order detail page for the certificate and at the bottom click the "Re-issue Certificate" button.

Hide

I have changed my server, or moved to a different provider; how do I move the certificate?

The easiest way to move a certificate is to generate a new certificate signing request (CSR) on the new machine and to go through the reissue process.

Hide

What is a CSR?

A Certificate Signing Request (CSR) is a requirement to request a SSL Certificate. The CSR provides information to the Vendor about the requester such as their location, organization, and the domain they're wanting to protect.

Hide

How do I generate a CSR?

To generate a Certificate Signing Request (CSR) you'll want to figure out what operating system you're using or if you have a control panel. Once you've figured this information out, you'll want to search our database for a guide on how to get it generated. (http://sslhelpdesk.com/index.php?/Knowledgebase/List)

Hide

I have noticed something incorrect in my CSR. What should I do?

Once CSR has been created, it's not possible to do any editing in any of its field. It's better to generate a new CSR with correct information.

Hide

The CSR cannot be decoded. What does that mean and what should I do?

It's better you are aware that you have copied the correct file and not your self-signed certificate, your earlier SSL or even if it's bundled as PKCS7 or PKCS12 or it's even possible if you have a pass-phrase without alpha-numeric character or the characters which are invalid. In these types of scenarios you have to generate new CSR in the proper way. Use only English alphabet and number from 0 to 9. Let's say, if your Company Name have "&," write "and."

Hide

What should I do if I receive a 'CSR invalid' error during the certificate activation process?

If this is the case, then you might have not formatted the common name properly for the type of certificate you have (For eg. *.domain.com should be used in wildcard certificate) or it's possible you might have used invalid characters in some of the fields. The only option you have is to create a new CSR which uses only English alphabet and numbers from 0 to 9.

Hide

What is a private key used for?

Its name says it all. Private Key should remain confidential and should not be shared with anyone unless it is asked by your web host during the installation process, as it's used for server-side exchange for making a secured connection. If you have lost your private key or it's been deleted the choice you are left with is to create a new CSR and private key for your server. Private Key is not provided by your SSL provider or Certificate Authority (CA).

Hide

The CSR cannot be decoded?

It's possible one or more required field is missing or CSR might have non-alphanumeric characters in the mandatory fields.

Hide

How do I add additional domains to a multi-domain/SAN certificate?

By reissuing you can add additional domains to the certificate once it's active.

Hide

I entered in the wrong common name, how do I change it?

To solve this problem you'll have to reissue your certificate and new CSR has to be generated.

Hide

I have accidentally deleted my "private key," what can I do now?

You'll want to check if you have any backups of the private key first, but if you're not able to find any you'll want to generate a new certificate signing request and perform a reissue of the certificate.

Hide

I have changed my server, or moved to a different provider, how do I move my SSL certificate?

If the original private key is available to you on the active server, then you can install it to your new server or you can give it to your new web host. If you don't have the private key, then you'll have to generate a new certificate signing request and perform a reissue of the certificate.

Hide

Is technical support available from the CA? Should I need it?

Generally all technical support mattes relating to your SSL Certificate will be handled by us if the need arises. If you were to get in contact with the Certificate Authority, you'll be informed to get in contact with us to handle your issues. However if you're contacting relating to the validation of your certificate they'll be able to assist for this process.

Hide

How do I download my certificate files?

When you generated your certificate you entered information for a Technical Contact. The Technical Contact will receive an email containing both the certificate and the certificate authority bundle which will both be needed to install the certificate.

Hide

How can I install my SSL certificate on more than one server?

To install the certificate on more than one server, you'll want to gather together both your private key, intermediate bundle, and the certificate. Once you've managed to get them all together you'll then want to install the certificate on the new server. If you want documentation on how to install you check our knowledge base for documentation on installation. (http://sslhelpdesk.com/index.php?/Knowledgebase/List)

Hide

My certificate works in my browser, but my visitors get a Security Alert that says 'The security certificate was issued by a company you have not chosen to trust...' What is the problem?

The issue is not with certificate but with the browser you are using, which is not able to identify who is the issuer of your certificate. First look for that your visitors are not seeing an outdated or any incorrect type of certificate. After you have confirmed that, it is most likely that the problem will be solved by the installation of the intermediate certificates.

Following are the links which can help you to download the intermediate certificate -

  1. https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR657
  2. https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1421
  3. https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=AR1384
  4. https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=AR1548

Hide

Do I need a dedicated/static IP address to use an SSL certificate?

Yes, it is mandatory to use a static IP address in order to use your SSL certificate. If you don't have that, then the only option you are left with is like to assign one through your webserver or you can even buy one from your web host service provider if you are having your own webserver which is usually around about few dollars a month.

Hide

My browser is not showing the green padlock/green bar, why?

You cannot predict what could be the exact issue as there are several reasons related to it. Here are four of the most common ones -

  1. Content is not secured, which means there are some of the HTML elements on the website which is inappropriately linked up to use HTTP and not HTTPS. For this you have to update your website codding to switch the links.
  2. If your certificate has been issued via intermediate file, then there is a possibility that intermediate chain is missing or it's invalid. It's better you look for installing with your certificate on your server and if you don't have it you can refer back to the email you received from the Vendor.
  3. If your certificate is currently issued out as SHA-1, that could also be a problem. Major browsers are beginning to push away from SHA-1 as it's growing more and more insecure each and every day. To fix this you'll need to reissue your certificate in the client portal.
  4. The last problem could be that you're loading an incorrect certificate on the website. Sometimes an expired certificate and maybe even a default certificate will be loaded and when you install the certificate it doesn't update for the server. In order to address this problem, you'll want to check your configuration and if you're not able to resolve it get in contact with your hosting provider.

Hide

When trying to go to the site over https, it displays the message 'The page cannot be displayed.' Why is that?

There are several reasons why you'd receive this kind of error message, majority of them actually don't relate to the certificate at all, but more so the server you're using. To diagnosis this issue you'll want to conduct a SSL Labs (https://www.ssllabs.com/) test to see where the issue is coming from and how you need to address the issue.

Hide

Why does the website say the name on the security certificate does not match the name of the site?

What this error means is that the domain which the browser is attempting to visit is pull a certificate for another domain name that isn't tied to the one being pulled up. Another reason for this is that your site could be using the default certificate that's provided by either the host or self-signed by the server. To correct this you'll want to make sure that the certificate is installed on the correct domain that you've gotten the certificate issued to.

Hide

Why does the website say the SSL certificate is 'Untrusted'?

When you experience this issue, it's primarily due to the intermediate file might have not been installed. The error can be resolved by installing them. Below are some of the links from where you can find and start the installation process of the intermediate certificate & lastly you can always look out towards contacting your SSL provider.

  1. https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR657
  2. https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1421
  3. https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=AR1384
  4. https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=AR1548

Hide

How can I check to see that my SSL certificate works properly and has been installed correctly?

You can always look on by SSL checker the tool provided by Cert Logik in order to make a test that your SSL certificate is installed correctly. Here is the link - https://certlogik.com/ssl-checker/.

Hide

How can I renew my SSL certificate?

A renewal is nothing but purchasing all over again. The word "renewal" is simply an industry word which is used by all providers in the Industry. To renew your certificate you have to go through all the same process. Whenever you get an access for "renewal" option while buying SSL certificate, be sure to get the remaining time carried forward from the certificate which is about to get expired to your new renewal certificate.

Hide

Do I need to create a new CSR to renew my certificate?

We recommend generating a new CSR at the time of renewal for security reasons, however you're capable of using the original CSR if you decide.

Hide

Do I need to provide my business verification document again for renewing my OV/EV SSL certificate?

It all depends upon the information provided at time of renewal. The Certificate Authority (CA) can use some of the earlier parts of the information which was confirmed. If the order is of EV, it's mandatory to have valid documents of more than 13 months for the completion of business validation again. Whereas if you go for OV, then CA can make use of the earlier valid data for up to 39 months from the date of original order. Most importantly, if any of the information regarding your organization changes, you have to provide those documents as well.

Hide

I paid for my renewal, (where is my certificate/why is my site not secure)?

When you go through the renewal process it's similar to how you purchased your certificate the first time, most often people forget the fact that they have to generate the certificate again. If you've already generated the certificate, you'll want to check that you've completed all the validation steps for the certificate. After the certificate is issued, you'll need to install new one over the old existing certificate. The reason for having to install it again is because the certificate is hard coded and can't be edited, so you'll have to upload the newest one with the additional time.

Hide

I purchased a renewal certificate, but my website still displays the old certificate. What should I do?

When you go through the renewal process it's similar to how you purchased your certificate the first time, most often people forget the fact that they have to generate the certificate again. If you've already generated the certificate, you'll want to check that you've completed all the validation steps for the certificate. After the certificate is issued, you'll need to install new one over the old existing certificate. The reason for having to install it again is because the certificate is hard coded and can't be edited, so you'll have to upload the newest one with the additional time.

Hide

What is a Code Signing Certificate?

A code signing certificate is one type of digital signature algorithm as a certificate which verifies that code has not been changed or it's not malicious as it is signed by the author. You can say that it's one kind of "digital shrink-wrap" which assures that the code can be trusted and there's nothing wrong with it which eventually increase the trust of clients and willingness will also be there to download and install the same. All the major type of operating systems such as Windows, Apple OS X, & Linux supports this certificate and they also use it for their own to make sure that malicious code does not get distributed, if it's there any.

Hide

How do I generate a Code Signing certificate? Do I need a CSR?

To generate a Code Signing you'll want to be using FireFox as your browser, and you'll want to make sure that when you do the process, you're on a computer that you'll be able to access again. If you can't get access to the computer later when the certificate is issued, you won't be able to collect the certificate. When generating you'll be given browser controls to get your certificate generated and once generated your private key will be stored in FireFox's file system.

Hide

How do I download my code signing certificate?

After the completion of all the validation, the CA will issue the certificate and it will send as 'collection' or which is even said as 'pick-up' link to the provided email address. In order to download the certificate it's essential to use the same PC which was used in generating the order & Firefox should be used as a browser. After all this, Firefox will pull out the previously stored private key and it will install the code signing certificate on its own. It's advisable to export code signing certificate and private key into a PFX (.p12) file from the browser after the completion of download.

Hide

Why can't I download my code signing certificate?

The reason why you can't download your code signing certificate is probably going to be caused by you're not using FireFox as your web browser to generate or export the certificate. Along with you're not using the same computer which was used to generate the certificate. You'll want to make sure you're on the same computer and using FireFox for all steps of the Code Signing process.

Hide

How do I export my certificate from my browser?

Before going to the following steps be sure that you are using Firefox browser as it tends to be the most compatible browser with both Generation and Exportation. . Below the steps which should be used to export your code signing certificate and private key in Firefox -

  1. Click "Open" menu
  2. Go to "Options"
  3. After you'll want to go to "Advanced" or "Encryption".
  4. Now, select "View Certificates" from the certificate tab.
  5. After that, click the name of your certificate which is under Your Certificates.
  6. After it's highlighted, select "back up all" and then enter your passphrase.

Hide

How do I use my platform's signing tool?

Your Developers should know how to sign the code using their development platform, however if they're unfamiliar they can reference to the official documentation provided by the platform.

Hide

What platforms can I sign for?

Below are some of the platforms that be signed for -

  1. Windows 8
  2. Any Microsoft format (32 and 64 bit), EXE, OCX, MSI, CAB, DLL, and kernel software
  3. Adobe AIR applications
  4. JAVA applets
  5. Mozilla Object files
  6. MS Office Macro or VBA (Visual Basic for Applications) files
  7. Apple Mac software for MacOS 9 and OSX
  8. Microsoft Silverlight applications or XAF files

Hide