The next step after purchasing an SSL certificate is activation. In order to do this, you'll first need to have a CSR code generated on your server by your hosting provider. You may also generate one yourself by following these instructions. In either case, be sure to note the following tips before you begin:
Important: Usually, a dedicated IP address is required for SSL installation. However, if you have SNI technology available on your server, you can install your SSL certificate on a shared IP address. Check SNI availability for your hostname with your hosting provider prior to SSL certificate activation in order to avoid any of the known issues that may occur with this type of SSL certificate installation.
Be sure to locate and save the RSA private key that will arrive with your CSR code, as it will be required for the installation. It will not be possible to install the certificate without this code.
Ask your hosting company to advise you on the server type (software your server is using for CSR generation) for your hostname. This will be useful information to have during installation.
If you are using Namecheap hosting services, please review this article for help.
Note: If you need to activate the renewal certificate, it should be done from the Domain list. The SSL certificates list contains only the certificates which are not assigned to any domain name yet. Since the renewal certificates are linked to the domain names, they can be located in the Domain list after clicking on V button and expanding the list of services:
Once you have a CSR code generated, login to your Namecheap account and start the activation:
Hover your mouse over your account username in the upper left corner, then select Dashboard.
Next, select Product List > SSL Certificates.
Click the “Activate” button next to the certificate you wish to activate.
Enter (or cut-and-paste) your CSR code and choose the web server type from the drop-down menu. Once done, click “Submit”. NOTE: In this step, if you are activating a multi-domain certificate, you need to specify the additional domains you wish to include in the issued certificate.
Be sure that the information submitted in the CSR code is correct before proceeding.
On the next page, select Email validation, HTTP-based validation or DNS-based validation as the domain control validation method from the dropdown list.
For email validation, select an email address to which the approval email will be sent. For security reasons, the approval email can only be sent to a generic email associated with the domain name (e.g., webmaster@, postmaster@, hostmaster@, administrator@, admin@, etc.) or to the registered Whois email address.
Please note that if you do not select an email address, certificate activation will fail with a “Purchase Error” status.
For HTTP-based validation, you will need to upload a certain text file into into a particular directory of your website (/.well-known/pki-validation/)to have the certificate issued. You'll then be able to download the certificate file in your account after the order is submitted to the Certificate Authority for activation.
NB: If you have activated the certificate with domain.com or www.domain.com
indicated as FQDN in your CSR code, please make sure that the file is available via http://domain.com/.well-known/pki-validation/file.txt . In this
case, www.domain.com is considered to be under your control as well.
Content of the file shouldn't be changed in any way, as Comodo validation system is case sensitive.
For DNS-based validation, you must create a special CNAME record in the DNS records for your domain. This record will be also provided after the activation.
You can find more details about validation methods here.
Enter the administrative contact information. Depending on the certificate type, you may be asked for different types of information. Certificates that require business validation, for example, will require the business' or company's information. Non-mandatory fields are shown with an “Optional” tag. Administrator's contact information must be submitted using latin characters (Aa-Zz) and digits (0-9) only.
- Once you have entered this information correctly, click "Next".
Click "Confirm" to confirm the domain control validation method and submit the order.
Once done, you will be taken to the Certificate Management page where you can view the Order ID, Certificate Authority's order ID, and other details of the certificate.
By selecting "See Details," you can review certificate-related information, re-send the approval email, download the necessary file for HTTP-based validation, select a different validation method, and check the CNAME record.
Confirmation emails are delivered to the approval address within 10 minutes of activation. You must confirm the issuance by clicking the link included in the approval email. The validated certificate will then be sent to the administrative email address selected during activation.
HTTP-based and CNAME-based validation may take longer, as the Certificate Authority will need to locate the file or record. Please make sure that the file is publicly accessible and that there is no firewall blocking the requests behind your server.
The validation system used by Certificate Authority performs automatic checks of the validation file/record over a certain period of time. If validation fails, double-check that the file/record data is correct and accessible and make any necessary edits. Once the information is correct and accessible, the file/record should be validated when the CA validation system runs its next check.
Comodo OV/EV certificates will still send a domain validation email prior to the CA's document submission request. If you order an OV/EV certificate, Certificate Authority will send you a list of documents required to verify your business, depending on the type of the certificate. To expedite the certificate issuance, also make sure that the Whois for your domain contains the correct contact information. Order processing by Certification Authority may take up to an hour. If you do not receive an approval email within the specified time frame or the certificate has not been issued after one hour, and you have confirmed that the file or record is publicly accessible, please contact our SSL Support Team via live chat or ticket system for further assistance.