How do I activate a multi-domain SSL certificate?

Once a multi-domain SSL certificate was purchased, the process of its activation should be completed. In order to activate a newly purchased multi-domain certificate, you will need to have a CSR (Certificate Signing Request) code generated on your server. You can either do it yourself (all necessary guides can be found here)or ask your hosting provider to do it for you. The CSR code for a multi-domain SSL certificate can be generated for the primary domain (used as the “Common Name”) only, as all additional domains (SANs) can be specified right in your Namecheap account during the certificate activation. You can also generate a CSR code along with SANs on your server.

  • Make sure you save and locate the RSA private key that was generated along with the CSR on your server, as it will be required for further installation.
  • We would also recommend asking your hosting provider about the server type (software used on your server for CSR generation) as this information will be useful during the installation process.
  • If you are using Namecheap hosting services, you can refer to this guide to get the CSR generated.
  • Keep in mind that SSL Certificates cannot be issued for domains considered unsafe by Google Safe Browsing. All unsafe domains will automatically be removed from Multi-Domain SSL certificates by Comodo. Check Safe Browsing site status here.

Once you have a CSR code, log into your Namecheap account to start the activation process.

  1. Hover your mouse over the username located in the left corner of the page and select “Dashboard”:

    multi1


  2. Your SSL certificate can be located in the Product list section. Click on the “Activate” button next to the certificate in question:
  3. mdcact1

  4. Copy and paste your CSR code including -----BEGIN CERTIFICATE REQUEST----- and -----END CERTIFICATE REQUEST----- tags into the corresponding field:
  5. mdcact2

    The common name of the certificate (Primary Domain) will be filled in automatically. You will also have an opportunity to specify SANs (Subject Alternative Names - additional domains you would like to secure) by clicking the “Buy more domain seats” button or on “Product List” prior to initiating activation:

    mdcact0

    If you generated the CSR along with SANs, they will be fetched automatically just as the primary domain.

    If you click on this button, the following page will appear:

    multi8

    Here you can add SANs and proceed to checkout.
    Please keep in mind that it is necessary to pay extra for every SAN (Add-On Domain) you would like to add to your multi-domain certificate.
    If you skip this step and choose the “Next” option, you will see the page with the information auto-filled from submitted CSR code:

    mdcact5

  6. Click on the “Next” button to proceed with the activation process.
  7. Select the DCV (Domain Control Validation) method for each domain name on the next page:
  8. mdcact6

    There are three methods available for Domain Control Validation: Email-based, DNS-based and HTTP-based one.

    Email-based validation involves receiving an approval email at one of the following domain-related generic emails (admin@yourdomain.tld, administrator@yourdomain.tld, postmaster@yourdomain.tld, webmaster@yourdomain.tld, hostmaster@yourdomain.tld) or Whois email contact address.

    DNS-based validation involves creating a CNAME record in the DNS records of the domain.

    HTTP-based validation involves uploading of the activation file to the following directory of your site: /.well-known/pki-validation/.

    NB!: If you have activated the certificate with domain.com or www.domain.com indicated as FQDN in your CSR code, please make sure that the file is available via http://domain.com/.well-known/pki-validation/file.txt. In this case, www.domain.com is considered to be under your control as well.
    Content of the file shouldn't be changed in any way, as Comodo validation system is case sensitive.

    You can find more information about DCV methods here.
    You can either use different methods for each domain name (subdomain), or use the same method for all of them.
    Check the corresponding option if you would like to use one validation method for all SANs:

    Note: In order to have a multi-domain certificate validated and issued, it is necessary to complete the validation process for every SAN separately (receive the approval emails, upload the activation file to the root directory of every website, create the CNAME record for every domain name (subdomain)).

    Another thing is that www and non-www versions of one website are considered as two different hostnames, so if you would like to secure both www and non-www versions of one website, it will be necessary to specify both of them in the list of SANs.
    Once the DCV methods are chosen for all domain names, you can move forward by clicking on the “Next” button:

  1. Enter email address you would like to receive SSL certificate to and proceed further.
  2. newact4

    Note: administrative contact email cannot be changed later, however, issued SSL can always be downloaded from the Namecheap account.

    In case organization or extended validation certificate is activated, you will be asked to submit company contact information:

    newact4_1

    Note: “Representative” section is listed only for OV certificates. For EV orders, the aforementioned section is not required.

  3. Once all required fields are filled in, click on the “Next” button to move onward.
  4. Review information and submit certificate request to Comodo.
  5. mdcact7

    You will be taken to the page where you can check the details regarding your certificate (Validity period, Validation level, Certificate Authority ID, Namecheap Order ID and number of the domains to be secured with the certificate in question):

    multi15

    If you click on the “See details” button, you will see the page with the details submitted during the activation process including certificate ID, certificate status, primary domain, SANs (add-on domains), servertype, hashing algorithm, DCV methods, contact details and CSR code:

    multi16_1

    Here you can also change the validation method by clicking on the “Edit Methods” button:

    multi17

    You can resend the approval email/download the activation file/get the corresponding values for the CNAME record by clicking on the small arrow next to the “Edit Methods” option:

    multi18

    multi19

    multi20

    newact7

    multi22

    DNSrecmulti

    It usually takes 10-15 minutes to deliver the approval email. You will need to enter the validation code into the corresponding field (the code can be found in the same email).
    Here is an example of the approval email sent by Comodo for Email validation:

    multi24

    HTTP and DNS-based validation may take longer, as these processes are fully automated and checks are performed on the side of the Certificate Authority over a certain period of time.

    If validation fails, make sure that the file is uploaded/CNAME is set up correctly and accessible all over the world.

    Once the email is received/file or record is accessible, and the DCV process is completed, your DV (Domain Validation) SSL certificate will be emailed to the administrative contact email address mentioned during the activation.

    As for Organization Validation (OV) and Extended Validation (EV) SSL certificates, DCV should be completed prior to the documents submission. The list of the documents required for further validation depending on the type of the certificate will be emailed to you as well.
    You can also find the requirements of Comodo CA for OV and EV certificates validation here.

    Should you have any questions, please do not hesitate to contact our SSL Support Team via Live Chat or ticket system.

Comments

We welcome your comments, questions, corrections and additional information relating to this article. Your comments may take some time to appear. Please be aware that off-topic comments will be deleted.

If you need specific help with your account, feel free to contact our Support Team. Thank you.

Need help? We're always here for you.

× Close