The SSL Certificate activation process involves entering a CSR: the Applicant will have to follow different instructions depending on whether or not they already have a CSR, as described below.
Enter the code for your CSR in the relevant field, in the section entitled I already have a CSR: the information contained in the code provided will be extrapolated and entered in the fields below; if any information is missing, please add it in the relevant fields.
Lastly, click on Continue.
If you do not have a CSR, you can generate one by clicking on
I don't have a CSR and following the instructions provided:
- enter the domain name in the Domain Name (FQDN) field: depending on the type of SSL Certificate you chose when ordering, the domain name must be entered in a specific format:
- SINGLE DOMAIN: enter the full name of the domain (if you want to include both www.domainname and domainname in the certificate, enter the extended name www.domainname in the field above and proceed with the validation process in the next step for just domainname) ;
- WILDCARD: enter the name of the domain preceded by an asterisk and a period (for example: *.domainname.com) and proceed with validation in the next step of only *.domainname.com (without "www");
- SAN: just enter the main domain name; other domains should be entered in the next step, by clicking on Add domain.
If the SSL Certificate needs to be valid
both for www.domainname and for domainname (without www):
- the full name www.domainname must be entered in the CSR;
- the process connected to the validation method chosen must be followed for the domain domainname (without www);
- click on Generate CSR;
- enter the information required and click on Continue:
The CSR generation procedure produces two files:
- "domainname_csr.pem": to be used within the provisioning form, when activating the Certificate;
- "domainname_private-key.pem": to be used when installing the Certificate, or after the Certificate has been issued.
The CSR generator illustrated in this guide is only intended to be helpful when more specific tools are not available.
In general, it's a good idea to generate a CSR using the tools and procedures recommended by the software provider on the web server (e.g. Apache, Nginx, Microsoft IIS, Oracle, IBM WebSphere, etc.) or another device (e.g. load balancer, firewall, etc.): this is because different software and hardware that support SSL generate certificates in the most "appropriate" format to store the server key pair, which varies depending on the product.
IMPORTANT: Installing an SSL Certificate requires the generated private key; for this reason, it is important to save the file "domainname_private-key.pem" to use it during installation.
Both .pem files can ONLY be downloaded immediately after generating the CSR: we recommend saving these files straight away as they cannot be retrieved later.
Then proceed to the next step:
choosing the domain validation method.