How do I activate an SSL certificate

Steps to get the SSL certificate activated

After your SSL purchase, activate your certificate in order to make it actually work for your website.

Before you begin  with the SSL activation, you'll first need to have a CSR code generated on your server by your hosting provider. You may also generate one yourself by following our guide on generating CSR code.

In either case, be sure to note the following tips before you begin:

Important tips before you activate SSL

  • Check with your hosting provider whether they support third-party SSL certificates.
  • Some hosting providers may still require a dedicated IP addressfor SSL installation. Thus, please also double-check on this matter with the server provider.
      Note: The dedicated IP is not required for SSL installation purposes on Namecheap hosting as we have  SNI technology enabled on all our servers.
  • Ensure to locate and back up the RSA private key that will arrive with your CSR code, as it will be required for the installation. It will not be possible to install the certificate without this code.
  • If you are using Namecheap hosting services, please review this article for help.
   Note: If you need to activate the renewal certificate, it can be done either from the SSL Certificates list or from the Domain List with the All Products option selected at the top.


Once you have a CSR code generated, log in to your Namecheap account and start the activation:

  1. Hover your mouse over your account username in the upper left corner, then select Dashboard.

  2. Next, open the SSL Certificates tab.


Activate your SSL

  1. Click on Activate next to the certificate you wish to activate.

  2. Enter (or copy-and-paste) your CSR code and click Next.
    Note: In this step, if you are activating a multi-domain certificate, you need to specify the additional domains you wish to include in the issued certificate. The certificate activation process for the Multi-Domain certificate is described in detail here.

  3. Note: SSL certificates cannot be issued for domains considered unsafe by Google Safe Browsing. All unsafe domains will automatically be removed from Multi-Domain SSL Certificates by Sectigo CA (former Comodo). Check Safe Browsing site status here.

  4. On the next page, select the validation method to confirm your domain ownership from the drop-down list.

    For the CNAME-based method, you'll need to create a special record in your domain DNS. This CNAME record will be provided after the activation.

    For the file-based validation, you will need to upload a certain text file into a particular directory of your website (/.well-known/pki-validation/) to have the certificate issued. You'll then be able to download the certificate file in your account after the order is submitted to the Certificate Authority for activation. This method is not available for Wildcard SSLs.

  5. Note: If you have activated the certificate with domain.com or www.domain.com indicated as FQDN in your CSR code, please make sure that the file is available via http://domain.com/.well-known/pki-validation/file.txt . In this case, www.domain.com is considered to be under your control as well.

    Content of the file shouldn't be changed in any way, as the Sectigo (former Comodo) validation system is case sensitive.

    For the Email-based option
    , select an email address to which the approval email will be sent. For security reasons, the approval email can only be sent to either a Whois registered email address or a generic email associated with the domain name (e.g., webmaster@, postmaster@, hostmaster@, administrator@, admin@).

    Note: Upload a validation file method will be removed for Wildcard SSLs from October 21, 2021. Learn more.

    The content of the file shouldn't be changed in any way, as Sectigo (former Comodo) validation system is case sensitive.

    You can find more details about validation methods here.

    Once you've selected the appropriate DCV method, click Next.

  6. On the next step, enter the email address you would like to receive an SSL certificate to and proceed further.

    If it's one of the Organization Validated or Extended Validated certificates, you'll also be prompted to fill out the company details:


  7. Note: Administrative contact email cannot be changed later, however, issued SSL can always be downloaded from the Namecheap account.

    Note: The "Representative" section is required only for OV certificates.

  8. Review information and click Submit to confirm your certificate request.

  9. Once done, you will be taken to the certificate Management page, where you can view the Order ID, Certificate Authority's order ID ('CA order ID'), and other details of the certificate.


    Note: You'll see the instructions on how to switch between the DCV options in the yellow panel at the top of the page. Use the corresponding link to go to the 'Edit methods' page.

    By clicking the from this page (Edit methods) link, you'll be redirected to the page where you can review certificate-related information and switch the DCV options.



Confirmation to enable the SSL certificate

Confirmation emails are delivered to the approval address within 10 minutes after the activation. You must confirm the issuance by clicking the link included in the approval email. The validated certificate will then be sent to the administrative email address selected during the activation.

An HTTP-based and CNAME-based validation may take longer, as the Certificate Authority will need to locate the file or record. Please make sure that the file is publicly accessible and that there is no firewall blocking the requests behind your server.

The validation system used by a Certificate Authority performs automatic checks of the validation file/record over a certain period of time. If validation fails, double-check that the file/record data is correct and accessible and make any necessary edits. Once the information is correct and accessible, the file/record should be validated when the CA validation system runs its next check.

Sectigo (former Comodo) OV/EV certificates will still send a domain validation email prior to the CA's document submission request. If you order an OV/EV certificate, Certificate Authority will send you a list of documents required to verify your business, depending on the type of the certificate. To expedite the certificate issuance, also make sure that the Whois for your domain contains the correct contact information. Order processing by Certification Authority may take up to an hour. If you do not receive an approval email within the specified time frame or the certificate has not been issued after one hour, and you have confirmed that the file or record is publicly accessible, please contact our SSL Support Team via Live Chat or Ticket for further assistance.

Updated
Viewed
295660 times

Need help? We're always here for you.