Which certificate should you choose?
You can use our certificate
selection guide to choose the right TLS certificate.
If you still do not know how to choose the right certificate, please do not hesitate to contact our
customer support for advice on choosing the right certificate.
You can also contact us directly from your customer account by sending a request from the
Authorized Request menu.
How to pay for a certificate
After placing the certificate order, a payment request is sent to the selected billing email. Once we receive your payment, the tax receipt will also be sent to this billing email address.
You can pay by bank transfer, credit card or PayPal online. See the
customer account help for more information. If you have not received a payment request or have other issues, please contact
customer support.
Why is a certificate not trustworthy?
A trustworthy certificate is ensured by its connection to the
Intermediate authority certificates in the so-called chain of trust. A frequent trust error is the missing Intermediate certificates on the server, resulting in a customer’s browser warning about an unknown SSL/TLS certificate issuer. After Intermediate certificates have been added to the server, the problem is fixed.
Why is the lock not displayed in the browser?
If your browser does not display a lock as a security symbol, some of your site sections will be loaded over an insecure protocol. All page elements must be fetched over HTTPS for complete web security and symbol display. For example, if a page is loaded with JavaScript (Google Analytics) or an image over a non-secure HTTP protocol, the security is incomplete and the lock symbol does not appear.
How do I add or edit a SAN in a certificate?
Modifying and adding SAN names is possible for all TLS certificates except RapidSSL. To add a SAN name to the certificate (FQDN domain), use your customer administration or contact customer support. In addition, each individual SAN name will be charged according to the current price list if it has not already been paid in the certificate order.
How do I verify the correct certificate installation?
The TLS certificate installation can be checked online. We provide a custom installation control tool that connects to the specified domain and checks the installation of the certificate. If a problem is found, the verifier will alert you and suggest a solution. If you have a frequent problem with
Intermediate certificates, will offer the right certificates for you to download, so you don't have to search for them.
Make sure you have installed your certificate correctly:
Check certificate installation .
What is CSR and where do I get it?
A public key (CSR) is necessary to issue a TLS certificate and use on a server. This public key (CSR) is generated by the administrator of your website (webhosting company) on the server where the domain that certificate secures is located.
You can also generate the CSR directly in SSLmarket and then provide the server administrator with stored private key and with the certificate.
For more information and how to generate a public key, see the article about the
public key (CSR).
Can I use the certificate on another server?
Yes, the matches the private key only, nothing more. If you export the certificate together with the private key, you can import it to another server and use it. Use of the certificate on multiple servers at the same time is unlimited!
Can I use a certificate on multiple servers?
All DigiCert TLS certificates have an unlimited server licence. You can use it on more physical servers.
How do I export a certificate?
The certificate can be exported either separately or together with a private key. On the Microsoft platform, the PFX format is used for export, in which the certificate is together with the private key. On Apache, certificate management is typically performed through OpenSSL, which allows you to export the certificate to various formats. To export from Apache, simply copy the key and certificate files. They are saved in text format and you can use it anywhere.
What is a private (secret) and public key?
The private key is created when the certificate request is made on server and must not leave the server under any circumstances, since it is possible to use the server's TLS certificate to obtain it. Then the private key is compromised and you should revoke the certificate.
A public key (CSR) is a certificate request which is sent to a Certification authority; after verification, the authority signs the public key and creates a TLS certificate.
During TLS communication, data on the client side is encrypted with the server's public key (certificate) and encrypted with private on the server.
You must have the appropriate private key to deploy and use the certificate. See our Key Matching Tool to see if it the certificate matches your private key.
How do I change information in my certificate?
Data in an already issued certificate cannot be changed. If you need to change your certificate information and it has not been 30 days since it was issued, contact customer support to help resolve the issue.
I cannot install the certificate or I do not have a private key
If you have a problem installing the certificate, which is mostly caused by a missing private key, you can reissue the certificate for free with a new CSR request. Do the same if you delete or compromise the private key. The reissue could be started anytime in your customer administration.
Feel free to contact our
customer support to assist you to make the reissue.
Didn't find the answer to your question?
Our certified staff have prepared the most important information regarding our SSLmarket system and TLS certificates in general in the Help section.
Topics in Help are sorted to several sections for our better orientation.
To the Help
We are sorry that you did not find the required information here.
Please help us to improve this article. Write us what you have expected and not found out.