SSL Certificate Top 10 FAQs
1. Why does an Instant SSL Certificate cost considerably less than other Certification Authorities?
InstantSSL has direct access to the IdAuthority, the largest commercial directory on the web. Instant SSL can therefore expedite the validation of an application. This efficient and highly effective validation method ensures we can issue a Certificate at a greatly reduced cost as reflected through our guaranteed lowest price in the industry as well as maintain a level of validation far superior to the methods employed by other SSL providers. In particular, the validation process employed to issue an Instant SSL, Instant SSL Pro or Premium SSL Certificate is considerably more than just a domain name ownership check - we firmly believe this method alone to be insufficient to maintain the level of integrity in Secure Sockets Layer (SSL) that consumers have come to expect.
2. What does the Warranty actually mean?
We believe it is important to protect the end user. If we were to mis-issue a certificate to a fraudulent site, and that fraudulent site has an SSL link with an end user and as a result of this the end user loses money. The end user had what they thought was a "trusted session". Comodo should never have provided the fraudster with the ability to engineer this situation. Hence, we have taken out insurance to pay out money to the end user. How can we do this?
- We value the end customer
- We believe the insurance provided greater peace of mind hence allows the merchant to sell more products
- Most importantly, we value our validation techniques (delivered through the IDAuthority)
We pre-validate customers and provide validation that is far higher than the majority of other SSL providers. Some CA's have very weak validation hence they decide NOT to offer insurance! Finally, it is worth pointing out, that we offer high validation, but not at the compromise of speed. You can still obtain SSL instantly. See the warranty offered on each of our SSL Certificate.
3. Why do you ask for documentation when I apply for a certificate?
Comodo recognizes that strong validation is essential for the continuing growth of ecommerce. Before issuing a certificate we validate both that the applicant owns, or has legal right to use, the domain name featured in the application and secondly that the applicant is a legitimate and legally accountable entity. To do this we need to have access to documentation which verifies these two factors.
More details of the need for strong SSL Certificate Validation
4. Why does the website say the SSL certificate is 'Untrusted'?
The usual cause of this is that the Comodo intermediate certificate has not been loaded.
5. Why does the secure part of the website say the name on the Security Certificate is invalid or does not match the name of the site?
This is usually caused by the certificate having a Common Name of "domain.com" and the customer is going to "www.domain.com"
6. When trying to go to the site over HTTPS it displays the message 'The page cannot be displayed'?
Usually caused by port 443 not allowed through firewall or by the SSL Certificate not having a corresponding key file.
7. The CSR cannot be decoded?
This is because it is missing one or more required fields or the CSR contains non-alphanumeric characters in the required fields.
8. I cannot remember or have lost my login details.
If you still have the order number they can use the automated password reminder system or if not then an email must be sent from the administrative email address on the account to firstname.lastname@example.org including the original domain name it was purchased for, or the original order number.
9. I have accidentally deleted my "private key" what can I do now?
First check your backups and see if you can re-install the "private key". If you don't know how to re-install the key from your backups, then contact your systems administrator. Failing that, contact your web server software vendor for technical support. The only alternative course of action available is to reissue an SSL certificate following the re-submitting of a replacement CSR.
10. I have changed my server, or moved to a different provider, how do I move the certificate?
The easiest way is to create a new CSR on the new machine and have the certificate re-issued.