After your SSL purchase, activate your certificate in order to make it work for your website.
Before you begin with the SSL activation, you'll first need to have a CSR code generated on your server by your hosting provider. You may also generate one yourself by following our guide on generating CSR code.
In either case, be sure to note the following tips before you begin:
Here is a how-to video:
Note: SSL certificates cannot be issued for domains considered unsafe by Google Safe Browsing. All unsafe domains will automatically be removed from Multi-Domain SSL Certificates by Sectigo Certificate Authority (CA). Check Safe Browsing site status here.
For the CNAME-based method, you'll need to create a special record in your domain DNS. This CNAME record will be provided after the activation.
For the file-based validation, you will need to upload a certain text file into a particular directory of your website (/.well-known/pki-validation/) to
Note: If you have activated the certificate with domain.com or www.domain.com
indicated as Fully Qualified Domain Name (FQDN) in your CSR code, please make sure that the file is available via http://domain.com/.well-known/pki-validation/file.txt . In this
case, www.domain.com is considered to be under your control as well.
Content of the file shouldn't be changed in any way, as the Sectigo validation system is case sensitive.
For the Email-based option, select an email address to which the approval email will be sent. For security reasons, the approval email can only be sent to either a Whois registered email address or a generic email associated with the domain name (e.g., webmaster@, postmaster@, hostmaster@, administrator@, admin@).
Note: Upload a validation file method will be removed for Wildcard SSLs from October 21, 2021. Learn more.
The content of the file shouldn't be changed in any way, as Sectigo validation system is case sensitive.
You can find more details about validation methods here.
Once you've selected the appropriate DCV method, click Next.
Important: Please ensure to specify the officially registered business email address for the company in the "Representative" section.
Note: The "Representative" section is required only for OV certificates.
Once done, you will be taken to the certificate Management page, where you can view the Order ID, Certificate Authority's order ID ('CA order ID'), and other details of the certificate.
Note: You'll see the instructions on how to switch between the DCV options in the yellow panel at the top of the page. Use the corresponding link to go to the 'Edit methods' page.
By clicking the from this page (Edit methods) link, you'll be redirected to the page where you can review certificate-related information and switch the DCV options.
Confirmation emails are delivered to the approval address within 10 minutes after the activation. You must confirm the issuance by clicking the link included in the approval email. The validated certificate will then be sent to the administrative email address selected during the activation.
An HTTP-based and CNAME-based validation may take longer, as the Certificate Authority will need to locate the file or record. Please make sure that the file is publicly accessible and that there is no firewall blocking the requests behind your server.
The validation system used by a Certificate Authority performs automatic checks of the validation file/record over a certain period of time. If validation fails, double-check that the file/record data is correct and accessible and make any necessary edits. Once the information is correct and accessible, the file/record should be validated when the CA validation system runs its next check.
Sectigo OV/EV certificates will still send a domain validation email prior to the CA's document submission request. If you order an OV/EV certificate, Certificate Authority will send you a list of documents required to verify your business, depending on the type of the certificate. To expedite the certificate issuance, also make sure that the Whois for your domain contains the correct contact information. Order processing by Certification Authority may take up to an hour. If you do not receive an approval email within the specified time frame or the certificate has not been issued after one hour, and you have confirmed that the file or record is publicly accessible, please contact our SSL Support Team via Live Chat or Ticket for further assistance.