How do I activate an SSL certificate?

The next step after purchasing an SSL certificate is activation. In order to do this, you'll first need to have a CSR code generated on your server by your hosting provider. You may also generate one yourself by following these instructions. In either case, be sure to note the following tips before you begin:

  • Important: Usually, a dedicated IP address is required for SSL installation. However, if you have SNI technology available on your server, you can install your SSL certificate on a shared IP address. Check SNI availability for your hostname with your hosting provider prior to SSL certificate activation in order to avoid any of the known issues that may occur with this type of SSL certificate installation.
  • Be sure to locate and save the RSA private key that will arrive with your CSR code, as it will be required for the installation. It will not be possible to install the certificate without this code.
  • Ask your hosting company to advise you on the server type (software your server is using for CSR generation) for your hostname. This will be useful information to have during installation.
  • If you are using Ekhteear hosting services, please review this article for help.
  • Note: If you need to activate the renewal certificate, it should be done from the Domain list. The SSL certificates list contains only the certificates which are not assigned to any domain name yet. Since the renewal certificates are linked to the domain names, they can be located in the Domain list after clicking on V button and expanding the list of services:

    Renewal2

    Once you have a CSR code generated, login to your Ekhteear account and start the activation:

  • Hover your mouse over your account username in the upper left corner, then select Dashboard.

    dashboard

  • Next, select Product List > SSL Certificates.

    sslactivation2.png

  • Click the “Activate” button next to the certificate you wish to activate.

    sslactivation3.png

  • Enter (or cut-and-paste) your CSR code and choose the web server type from the drop-down menu. Once done, click “Submit”. NOTE: In this step, if you are activating a multi-domain certificate, you need to specify the additional domains you wish to include in the issued certificate.

    sslactivation4.png

  • Be sure that the information submitted in the CSR code is correct before proceeding.
  • On the next page, select Email validation, HTTP-based validation or DNS-based validation as the domain control validation method from the dropdown list.

    sslactivation5.png

    For email validation, select an email address to which the approval email will be sent. For security reasons, the approval email can only be sent to a generic email associated with the domain name (e.g., webmaster@, postmaster@, hostmaster@, administrator@, admin@, etc.) or to the registered Whois email address. 
    Please note that if you do not select an email address, certificate activation will fail with a “Purchase Error” status.

    For HTTP-based validation, you will need to upload a certain text file into the root directory of your website to have the certificate issued. You'll then be able to download the certificate file in your account after the order is submitted to the Certificate Authority for activation.

    For DNS-based validation, you must create a special CNAME record in the DNS records for your domain. This record will be also provided after the activation.

    You can find more details about validation methods here.

  • Enter the administrative contact information. Depending on the certificate type, you may be asked for different types of information. Certificates that require business validation, for example, will require the business' or company's information. Non-mandatory fields are shown with an “Optional” tag. Administrator's contact information must be submitted using latin characters (Aa-Zz) and digits (0-9) only.
  • Once you have entered this information correctly, click "Next".

    sslactivation6.png

  • Click "Confirm" to confirm the domain control validation method and submit the order.

    sslactivation7.png

Once done, you will be taken to the Certificate Management page where you can view the Order ID, Certificate Authority's order ID, and other details of the certificate.

sslactivation8.png

By selecting "See Details," you can review certificate-related information, re-send the approval email, download the necessary file for HTTP-based validation, select a different validation method, and check the CNAME record.

sslactivation9.png

sslactivation10.png

sslactivation11.png

Confirmation emails are delivered to the approval address within 10 minutes of activation. You must confirm the issuance by clicking the link included in the approval email. The validated certificate will then be sent to the administrative email address selected during activation.

HTTP-based and CNAME-based validation may take longer, as the Certificate Authority will need to locate the file or record. Please make sure that the file is publicly accessible and that there is no firewall blocking the requests behind your server.

The validation system used by Certificate Authority performs automatic checks of the validation file/record over a certain period of time. If validation fails, double-check that the file/record data is correct and accessible and make any necessary edits. Once the information is correct and accessible, the file/record should be validated when the CA validation system runs its next check.

Comodo OV/EV certificates will still send a domain validation email prior to the CA's document submission request. If you order an OV/EV certificate, Certificate Authority will send you a list of documents required to verify your business, depending on the type of the certificate. To expedite the certificate issuance, also make sure that the Whois for your domain contains the correct contact information. Order processing by Certification Authority may take up to an hour. If you do not receive an approval email within the specified time frame or the certificate has not been issued after one hour, and you have confirmed that the file or record is publicly accessible, please contact our SSL Support Team via live chat or ticket system for further assistance.

Associated A

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

What is a Certificate Signing Request (CSR)?

A CSR (Certificate Signing Request) is a small, encoded text file containing information about...

How do I generate a CSR code?

Typically, a Certificate Signing Request (or CSR) code is generated upon your request by your...

How to put domain correctly in CSR?

Each SSL certificate’s life cycle implies three main stages: activation, domain ownership (and in...

SSL certificate activation and installation for domain(s) hosted on perkyrabbit space hosting servers

If you have a single domain Domain Validation certificate and shared hosting with perkyrabbit...

Powered by WHMCompleteSolution