Archives: FAQs
You can protect an IP address with an SSL/TLS certificate, but only under certain circumstances.
Read More »
What Is an X.509 Certificate?
X.509 is a standard format for public key certificates. Each X.509 certificate includes a public key, identifying information, and a digital signature.
Read More »
What is DNS over HTTPS (DoH)?
DNS over HTTPS (DoH) uses the HTTPS protocol for sending and retrieving encrypted DNS queries and responses.
Read More »
What is HTTP Strict Transport Security (HSTS)?
HTTP Strict Transport Security (HSTS) is a web security policy mechanism designed to protect HTTPS websites against downgrade attacks and cookie hijacking.
Read More »
I got a Monthly Invoice from SSL.com. Do I need to pay it every month?
Monthly invoices from SSL.com represent one-time charges, reflecting any unpaid balance remaining at the end of a month. They are not recurring bills.
Read More »
How much will I be billed for adding new domains to an existing order?
If you add any new domains to a multi-domain certificate order, your bill for the new domains will be prorated by the amount of time remaining on the order.
Read More »
What is Elliptic curve cryptography (ECC)?
Elliptic curve cryptography (ECC) uses the mathematical properties of elliptic curves to produce public key cryptographic systems.
Read More »
What is a root store?
A root store is a list of trusted root CA certificates. A certificate authority (CA) uses root certificates as trust anchors for the certificates it issues.
Read More »
Do I need to repeat domain validation (DV) for subdomains?
The answer depends on the DV method that you originally used. Email validation is scoped differently than the CNAME and File Lookup methods.
Read More »
What Is Code Signing?
Code signing is the process of using X.509 certificates to digitally sign software for safe distribution, hassle-free installation, and compliance with OS security policies.
Read More »
What Is a Certificate Authority (CA)?
A certificate authority (CA) is a an organization that acts to validate identities and bind them to cryptographic key pairs with digital certificates.
Read More »
How Can I Get My Certificates in PEM Format?
Information on the PEM format and instructions on how to retrieve PEM-formatted certificates from SSL.com.
Read More »
How Do I Install a Certificate?
This page includes lists of all SSL.com how-to articles covering certificate installation on various platforms.
Read More »
How Do I Generate an SSL/TLS Certificate Signing Request (CSR) on My Server?
This page includes a list of all SSL.com how-to articles covering Certificate Signing Request (CSR) generation on various platforms.
Read More »
How Can I Add Subdomains To My Certificate?
Looking to protect your subdomains? You could be able to add them to your certificate, but let’s take a closer look here.
Read More »
FAQ: 27-Month SSL Certificate Lifetime Limit
This FAQ describes how SSL.com’s multi-year SSL/TLS certificate bundles work with the CA/B Forum’s certificate lifetime limit of 825 days (about 27 months).
Read More »
How do I confirm that a private key matches a CSR and certificate?
How to use OpenSSL to confirm that a private kay, CSR, and certificate are compatible.
Read More »
What Are The Requirements for SSL.com EV Certificates?
Requirements for SSL.com EV certificates.
Read More »
FAQ: What is the “serial number entropy” issue I’m hearing about?
SSL.com will be issuing replacement SSL/TLS certificates for those affected by EJBCA’s serial number entropy issue.
Read More »
Questions about Certificate Transparency
Answering a few questions we’ve heard about Certificate Transparency.
Read More »
Does the Basic SSL Certificate work with subdomains?
SSL.com’s Basic SSL Certificate covers subdomains!
Read More »
Did SSL.com send an email asking for my banking information?
Some recently reported seeing emails from a suspicious address that appear to be from SSL.com. Please delete these emails, as they are not from us!
Read More »
What Is a CSR? A Comprehensive Explanation
The information found within a CSR is used by a Certificate Authority to verify and ultimately create your signed server certificate.
Read More »