- Home
- Frequently Asked Questions
Frequently Asked Questions
Answers to all your SSL questions
Hello, how can we help you?
SSL, which stands for Secure Socket Layer, is a common security technology that makes online communication safe. It ensures that when you visit a website, the information exchanged between your browser and the website's server, such as credit card details or login information, is encrypted and secure. This encryption relies on a pair of keys, one public and one private, to keep your sensitive data safe.
A Domain Validated SSL Certificate is the fastest and easiest way to secure your website. It only verifies the ownership of the domain name during the process. If you can prove that you control a registered domain, you can get this SSL security within minutes of placing an order. DV certificates are great for small or new businesses.
To get an Organization Validated (OV) SSL certificate, you need to show that you control a registered domain and share specific details about your company. The Certificate Authority (CA) checks this information using external sources. An OV certificate is great for business websites because it confirms and shows your company information, reassuring users that you own the website and can be trusted.
An Extended Validation (EV) certificate is like a top-tier SSL certificate. It gives customers a strong sense of trust by displaying a special symbol in the browser's address bar. EV SSL certificates ensure a secure connection and visually confirm the identity of a business.
A Wildcard SSL Certificate keeps one main website (like domain.com) safe, along with any number of sub-websites (such as mail.domain.com, blog.domain.com, login.domain.com, and so on). You can identify a wildcard certificate because it has an asterisk, like *.domain.com.
Sure! A Multi Domain or SAN (Subject Alternative Names) certificate keeps many different domain names safe using just one certificate. This includes protecting domain.com, example.net, website.org, and more.
A wildcard certificate secures a single domain (domain.com) and an unlimited number of sub-domains at a specific level. A multi-domain (SAN) certificate protects multiple domain names (domain.com, newdomain.org, otherdomain.com) under one certificate.
All the certificates we offer support 256-bit encryption.
SHA stands for Signature Hashing Algorithm. It's a method used by Certificate Authorities to sign certificates. SHA-1 is the older version, producing a 160-bit hash value. SHA-2 is the current standard for hashing algorithms.
Certainly! We work with popular SSL brands, and their certificates are recognized by almost all major web browsers. They have a 99% compatibility with browsers and are widely supported.
SSL Certificate Warranty is like insurance for your SSL. It keeps you safe in case your SSL is misused, hacked, or experiences a data breach because of issues with the certificate. Every certificate we offer includes SSL warranty.
SSL certificates are valid for 1 to 3 years. You can order Extended Validation (EV) certificates for a maximum of 2 years, while Domain Validation (DV) and Organization Validation (OV) certificates can be obtained for up to 3 years.
An Intermediate Certificate is like a middleman certificate that links your SSL certificate to the trusted root in your web browser.
To keep your internal websites, secure with SSL, you need to use an official registered domain that is publicly available. SSL certificates won't be given for internal domains that are not registered or delegated.
The key difference is the length of the security code used when your browser makes a secure connection (SSL). For most practical purposes, a 128-bit key provides sufficient security. You'd only need a 256-bit key if it's mandated by your industry or company rules.
You can protect a maximum of 100 domains using SAN certificates, but the exact number may vary depending on the SSL brand you choose.
To keep things secure, if certain situations arise, you'll have to get a new SSL Certificate. Just make a new CSR and send it to us, and we'll issue the certificate again for you.
SSL certificates work well with popular web and mobile browsers. If there's an issue with certain browsers, it's likely because they're outdated and rarely used, or they're custom-made browsers that very few people use.
You have 30 days from when we issue the certificate to ask us to change things like the Common Name or Organization. Once those 30 days are over, we can't make any more changes.
Certainly! Sure, all the certificates we offer include free reissues until the certificate expires.
SSL certificates work with any server that can perform SSL handshakes. They are not limited to a specific server; they are universal.
Yes, our certificates work with the TLS protocol. However, they rely on the settings of the server. In simple terms, the certificate will support whatever protocols or ciphers the server has enabled.
You can use the following platforms to sign:
- Any Microsoft format (32 and 64 bit), like EXE, OCX, MSI, CAB, DLL, and kernel software.
- Adobe AIR applications.
- JAVA applets.
- MS Office Macro or VBA (Visual Basic for Applications) files.
- Microsoft Silverlight applications or XAF files.
No, you need to get a brand-new EV SSL certificate.
The information about the web server is just for keeping records and providing support. The certificates have the same format no matter which web server you use.
For a quotation request you can perform a offline transaction, after the transaction is completed you can download invoice which you can use as a quotation.
SSL Certificate Country Codes
\Find your Country Code from the list provided below.
Country Codes are required when creating a Certificate Signing Request. The SSL Certificate Country Codes that you need to enter when creating your CSR are as follows:
- US United States of America
- CA Canada
- AX Åland Islands
- AD Andorra
- AE United Arab Emirates
- AF Afghanistan
- AG Antigua and Barbuda
- AI Anguilla
- AL Albania
- AM Armenia
- AN Netherlands Antilles
- AO Angola
- AQ Antarctica
- AR Argentina
- AS American Samoa
- AT Austria
- AU Australia
- AW Aruba
- AZ Azerbaijan
- BA Bosnia and Herzegovina
- BB Barbados
- BD Bangladesh
- BE Belgium
- BF Burkina Faso
- BG Bulgaria
- BH Bahrain
- BI Burundi
- BJ Benin
- BM Bermuda
- BN Brunei Darussalam
- BO Bolivia
- BR Brazil
- BS Bahamas
- BT Bhutan
- BV Bouvet Island
- BW Botswana
- BZ Belize
- CA Canada
- CC Cocos (Keeling) Islands
- CF Central African Republic
- CH Switzerland
- CI Cote D'Ivoire (Ivory Coast)
- CK Cook Islands
- CL Chile
- CM Cameroon
- CN China
- CO Colombia
- CR Costa Rica
- CS Czechoslovakia (former)
- CV Cape Verde
- CX Christmas Island
- CY Cyprus
- CZ Czech Republic
- DE Germany
- DJ Djibouti
- DK Denmark
- DM Dominica
- DO Dominican Republic
- DZ Algeria
- EC Ecuador
- EE Estonia
- EG Egypt
- EH Western Sahara
- ER Eritrea
- ES Spain
- ET Ethiopia
- FI Finland
- FJ Fiji
- FK Falkland Islands (Malvinas)
- FM Micronesia
- FO Faroe Islands
- FR France
- FX France, Metropolitan
- GA Gabon
- GB Great Britain (UK)
- GD Grenada
- GE Georgia
- GF French Guiana
- GG Guernsey
- GH Ghana
- GI Gibraltar
- GL Greenland
- GM Gambia
- GN Guinea
- GP Guadeloupe
- GQ Equatorial Guinea
- GR Greece
- GS S. Georgia and S. Sandwich Isls.
- GT Guatemala
- GU Guam
- GW Guinea-Bissau
- GY Guyana
- HK Hong Kong
- HM Heard and McDonald Islands
- HN Honduras
- HR Croatia (Hrvatska)
- HT Haiti
- HU Hungary
- ID Indonesia
- IE Ireland
- IL Israel
- IM Isle of Man
- IN India
- IO British Indian Ocean Territory
- IS Iceland
- IT Italy
- JE Jersey
- JM Jamaica
- JO Jordan
- JP Japan
- KE Kenya
- KG Kyrgyzstan
- KH Cambodia
- KI Kiribati
- KM Comoros
- KN Saint Kitts and Nevis
- KR Korea (South)
- KW Kuwait
- KY Cayman Islands
- KZ Kazakhstan
- LA Laos
- LC Saint Lucia
- LI Liechtenstein
- LK Sri Lanka
- LS Lesotho
- LT Lithuania
- LU Luxembourg
- LV Latvia
- LY Libya
- MA Morocco
- MC Monaco
- MD Moldova
- ME Montenegro
- MG Madagascar
- MH Marshall Islands
- MK Macedonia
- ML Mali
- MM Myanmar
- MN Mongolia
- MO Macau
- MP Northern Mariana Islands
- MQ Martinique
- MR Mauritania
- MS Montserrat
- MT Malta
- MU Mauritius
- MV Maldives
- MW Malawi
- MX Mexico
- MY Malaysia
- MZ Mozambique
- NA Namibia
- NC New Caledonia
- NE Niger
- NF Norfolk Island
- NG Nigeria
- NI Nicaragua
- NL Netherlands
- NO Norway
- NP Nepal
- NR Nauru
- NT Neutral Zone
- NU Niue
- NZ New Zealand (Aotearoa)
- OM Oman
- PA Panama
- PE Peru
- PF French Polynesia
- PG Papua New Guinea
- PH Philippines
- PK Pakistan
- PL Poland
- PM St. Pierre and Miquelon
- PN Pitcairn
- PR Puerto Rico
- PS Palestinian Territory
- PT Portugal
- PW Palau
- PY Paraguay
- QA Qatar
- RE Reunion
- RO Romania
- RS Serbia
- RU Russian Federation
- RW Rwanda
- SA Saudi Arabia
- SB Solomon Islands
- SC Seychelles
- SE Sweden
- SG Singapore
- SH St. Helena
- SI Slovenia
- SJ Svalbard and Jan Mayen Islands
- SK Slovak Republic
- SL Sierra Leone
- SM San Marino
- SN Senegal
- SR Suriname
- ST Sao Tome and Principe
- SU USSR (former)
- SV El Salvador
- SZ Swaziland
- TC Turks and Caicos Islands
- TD Chad
- TF French Southern Territories
- TG Togo
- TH Thailand
- TJ Tajikistan
- TK Tokelau
- TM Turkmenistan
- TN Tunisia
- TO Tonga
- TP East Timor
- TR Turkey
- TT Trinidad and Tobago
- TV Tuvalu
- TW Taiwan
- TZ Tanzania
- UA Ukraine
- UG Uganda
- UM US Minor Outlying Islands
- US United States
- UY Uruguay
- UZ Uzbekistan
- VA Vatican City State (Holy See)
- VC Saint Vincent and the Grenadines
- VE Venezuela
- VG Virgin Islands (British)
- VI Virgin Islands (U.S.)
- VN Viet Nam
- VU Vanuatu
- WF Wallis and Futuna Islands
- WS Samoa
- YE Yemen
- YT Mayotte
- ZA South Africa
- ZM Zambia
- COM US Commercial
- EDU US Educational
- GOV US Government
- INT International
- MIL US Military
- NET Network
- ORG Non-Profit Organization
- ARPA Old style Arpanet
Discover SSL Certificates designed to fit your budget at HTTPS.GLOBAL. We offer competitive prices to provide excellent security without costing too much. Your website's safety is important – opt for HTTPS.GLOBAL for great value and peace of mind!
Use the SSL Expert AI Tool to find the best SSL Certificate for your websites based on your needs. All certificates come with strong encryption levels, either 128 or 256 bits.
Certainly! An SSL Certificate shows that your business and website can be trusted, making people feel confident about doing business with you. Without an SSL Certificate, visitors to your website might see a "Not Secure" message, which can make them uneasy.
The trial certificate you receive is just like our regular SSL Certificates. It works in all browsers and provides the same level of security. You can use it to thoroughly test your systems before officially launching them. To make sure it meets the same standards as our other certificates, we go through a validation process for every application we receive.
Certainly! You have to check it again because each certification authority has strict rules for confirming the information you give them.
Certainly! Please resend the documents because we treat it as a new purchase.
The time it takes to get a new SSL certificate varies based on several factors. These include the type of SSL certificate, the validation process, and how quickly you respond with the requested information from us or the certificate authority.
All major web and mobile browsers are compatible with the SSL certificates provided by us.
If there are some browsers which are incompatible with it, then those browsers are either very old, and nobody uses them anymore, or they are custom made browsers, and again, very few or no people use them.
The trial certificate is just like our regular SSL Certificates. It works in all browsers and has strong encryption. You can use it to test your systems before using the official certificate. Since it's free, we have a limit on how many trial certificates we can give out.
Certainly! Sure, if you plan to renew your certificate within 90 days before it expires, we can transfer the remaining days to the new certificate you wish to buy.
No, you need to create a new CSR (Certificate Signing Request) and send it to us. Then we can give you a certificate.
Certificate Authorities understand that thorough validation is crucial for the ongoing success of online businesses. Before granting a certificate, we check that the person applying either owns the domain name or has the legal right to use it. Additionally, we confirm that the applicant is a genuine and legally responsible entity. To accomplish this, we need to review relevant documents that confirm these details.
You don't have to provide any documents to buy a Domain Validated (DV) certificate. Just make sure you confirm that you own the domain by responding to the email you get from the Certificate Authority (CA).
Organization Validation verification involves checking your business registration. If the Certificate Authority (CA) can confirm it online, no extra documents are needed. But if online data is unavailable or inaccurate, the CA might ask for additional official government registration documents, depending on the situation.
Please find the list of documents to be provided given below :-
a) SSL Documentation Form,
b)Acknowledgement of Agreement letter
c)Professional Opinion Letter (if required)
If you don't receive the DRC email, the Certifying Authority (CA) can send it again. Alternatively, you can use a Professional Opinion Letter (POL)."
In order to reschedule this, please contact us and provide your availability. Please note, not all telephone numbers are suitable. The number must be verified by the Certificate Authority (CA), so please confirm the number that the CA will be calling.
Once we check and confirm everything, we'll send the certificate to the email address you gave us for technical communication. If the email doesn't show up, please get in touch with us, and make sure to check your Spam and Junk Mail folders first.
Certainly, you can use this for EV, OV, and DV Certificates.
It depends on the type of certificate and the validation process of the Certificate Authority. Domain Validated (DV) Certificate can take a few minutes to a business day, Organization Validated (OV) Certificate can be issued within 2-3 days to be issued and Extended Validation (EV) Certificate usually take around 5-10 business days to be issued.
We can include the phone number you give us in the Professional Opinion Letter (POL) and confirm it so the CA can reach out to you.
When you set up a server, the public key it generates should be at least 2048 bits, depending on the software you're using. This key becomes part of your digital certificate. The private key, which is used to secure your SSL Certificate, should also be a minimum of 2048 bits.
No, they support the key size set by the web server or browser. If the web server or browser can only use 40 or 128 bits, then that's the session that gets created.
The problem is probably because a middle certificate hasn't been loaded. To check if your certificate is installed correctly, go to our Online Support Center and follow the SSL Certificate Installation instructions.
This error normally occurs due to following reasons:
- The website's files aren't in the secure "https" directory on the web server. You can check this by trying to access the file using an unsecured "http" call. If the pages don't load correctly, add the files to the "https" directory in the SSL configuration.
- Port 443 is blocked by the server's or the user's firewall. To fix this, open up port 443 for both inbound and outbound traffic on the firewall.
- The https server is not working. Check your web server's task manager to see if the server running the https service is up.
- There might be an issue with the SSL certificate. Make sure your SSL certificate has a corresponding private key file. Refer to the installation documents for your web server on our support site to confirm that you've installed the SSL certificate correctly with the corresponding private key file.
If your website isn't loading securely (https), it might be because you're trying to load content over an insecure connection (http) when you're in SSL mode. Check your website's code and make sure there are no references to files or graphics like 'src=http://www.yourcompany.com/directory/file.gif.'
If you have such references, make them relative (like 'src=/directory/file.gif') or use https (like 'src=https://www.yourcompany.com/directory/file.gif')."
This problem happens when you try to use a certificate on a website with a different full address than the one it was meant for. For instance, if the certificate is for www.yourcompany.com, using it on secure.yourcompany.com will cause an error because they don't match.
You might also encounter a Security Alert if you forgot to install the intermediate certificate and restart your server.
If your Load Balancer is connected to the internet and handles SSL offloading, you only need one SSL Certificate. The purpose of a load balancer is to make all your servers look like one to the client.
If you plan to use a domain name (like http://myservice.com) instead of an IP address (like http://192.168.0.1) for your website, the IP address for SSL doesn't have to stay the same all the time; it just needs to be exclusively used for your site. The challenge with using SSL on a changing IP address is that you'll need to adjust your DNS settings to keep up with the changes in your IP address.
Having a unique IP address for every website can cause issues because there are limited IP addresses available. To tackle this, Server Name Indication (SNI) comes into play. Browsers that support SNI share the website name they're trying to connect with when establishing a secure connection. This helps the server know which certificate to send. With SNI, multiple certificates for different domain names can be linked to a single IP address. So, visitors won't experience any noticeable differences when accessing your website.
Sometimes, the name on a website certificate and the address in your browser might not exactly match. This can happen if "www." is missing in the browser, if the certificate is assigned incorrectly, or if the purchased certificate doesn't cover the specific subdomain or domains you're trying to access.
The old standard for SSL certificates was 1024 bits, but it's not considered safe enough since 2010. Major certification authorities and their partners now only accept root keys that are 2048 bits or longer.
The size of your SSL certificate's root key, whether it's 4096 bits or 2048 bits, doesn't make a big difference because both are very secure. Most certificate authorities accept both 2048 and 4096 bit root keys. The latest web browsers can handle certificates with up to 4096 bits.
In recent years, there have been fake SSL certificates created because of mistakes by certificate authorities (CAs) or compromised server infrastructure. These fake certificates make websites look secure and verified, tricking web browsers and users into thinking they're visiting a safe site.
SSL certificates are crucial for the HTTPS protocol. They are signed by a trusted CA and issued only after verifying that the requester is the real owner of the domain.
Google's Certificate Transparency project addresses flaws in the SSL certificate system that supports HTTPS connections. It doesn't prevent bad certificates but allows anyone to check all certificates issued by a CA through centralized logging. This transparency helps identify unusual activity and allows companies to monitor certificates created with their domains. More log servers can be added by other CAs, increasing transparency as the popularity of Certificate Transparency grows.
When you buy an SSL certificate, you get something called a Site Seal. This seal acts like a stamp that shows your website is legitimate. It's proof that a Certificate Authority (CA) has checked and verified your business or organization. The smart site seal, which is prominently displayed on your site, assures visitors that they can trust your website to have top-notch encryption. If they click on the seal, they can see that your site is authentic.
A code signing certificate is like a digital stamp that shows the code (like programs or files) hasn't been changed or messed up since the author signed it. You can use it for various types of code, such as .exe, .cab, .dll, .ocx, and .xpi files.
The usual platforms include Microsoft, JAVA, Adobe, Android, and more. Developers use these platforms to create and sign their apps using specific tools. Each platform has its own unique features.
You might have difficulty downloading the code signing certificate, and this could be because of a few reasons. Firstly, if you're not using the same web browser that you used to create the certificate signing request (CSR) or if you're not using the browser correctly, you'll get an error message. Secondly, if you're not on the same computer where you placed the order, using a different computer will cause the corresponding private key to be missing, and you won't be able to download the code signing certificate.
A private key is crucial for setting up SSL on your website. Keep it secret on your server, and don't share it with your SSL provider or others. If you lose or delete your private key, you'll need to create a new CSR.
- First, check if you have a backup. Try reinstalling the "private key" from your backups. If you're unsure how to do this, reach out to your system administrator or call us for technical support.
- If all else fails, the last option is to reissue your SSL Certificate. To do this, create a new CSR (Certificate Signing Request) and send it to us. We'll then reissue your certificate for you.
The problem is likely because the middle certificate is not installed. To fix it, please install the middle certificate.
A Certificate Signing Request (CSR) is like a special file made on the server for SSL Certificates. It has details about your organization and domain name.
When you're getting an SSL Certificate, put the website name you want it for in the Common Name field. Don't add 'http://' before the name, and don't include any slashes or subfolders after the name.
If they have the Private Key and you're using the original CSR, your encrypted sessions could be at risk. But if you use a new CSR, even if someone has the Private Key, they won't be able to decrypt your sessions once you apply the new certificate.