digicert

If the Reseller is selling Digital Certificates

Renewing your Digital Certificate

thawte Digital Certificates have a lifespan of 1 or 2 years, depending upon the validity period you chose at the time of purchase. You can renew your Digital Certificate within 90 days prior to its Expiry and upto 90 days post Expiry. However, thawte will issue the Digital Certificate only 32 days before your current Certificate expires. This allows you to request your Renewal Certificate timorously and prevents any warnings for your website users which would have been displayed if your existing Certificate would have expired.

Note
  • Upon Expiry, the Digital Certificate will be Suspended by System. Once expired, the Digital Certificate will become invalid and a warning message about the expired Digital Certificate will be displayed to your website visitors. If the Digital Certificate is not Renewed within 90 days post Expiry, it will be deleted by System.

  • Once a Digital Certificate expires, Additional License(s) associated with such a Certificate, if any, will no longer be valid. Hence, you need to purchase fresh Additional License(s) during the Digital Certificate Renewal process. See details

  • If Privacy Protection is enabled for the domain name, it needs to be disabled before renewing the Digital Certificate. Privacy Protection may be enabled again once the Certificate has been renewed. See details

  • Resellers cannot renew Digital Certificates that are purchased through your Sub-Resellers. From your Reseller Control Panel, you can only renew Digital Certificates purchased by your immediate Customers; for all other Digital Certificates, the Renew link in the Order Details view would be disabled.

  • A Digital Certificate will not be issued to:

    • A national or resident of Cuba, Iran, Sudan, North Korea, or Syria or any other country where such use is prohibited under United States export regulations

      OR

    • Anyone on the United States Treasury Department's list of Specially Designated Nationals or the United States Commerce Department's Table of Denial Orders.

To renew a Digital Certificate

  1. Login to your Control Panel. See details

  2. Search for the domain name for which you have ordered a Digital Certificate and proceed to the Order Details view. See details

  3. Click the Renew link.

  4. Select the number of years you need the Digital certificate to be renewed for and mention the number of Additional License(s) (if required).

  5. Select the appropriate Web Server Software.

    Note
    • If your website/domain name is hosted on Windows server, you need to choose the software type as IIS.

    • If your website/domain name is hosted on Linux server, you need to choose the software type as Other.

  6. Submit the Certificate Signature Request (CSR). See details

  7. The Approver Email Address, Organization Details and Contact Details provided at the time of Certificate Enrollment will be displayed. Modify/submit relevant information, wherever necessary.

  8. Click the Confirm Renew button to proceed to pay for your Invoice.

  9. Once your Renewal request has been validated by thawte, an email requesting approval is sent to the Approver Email Address specified above.

  10. Once the Renewal request is approved by you, thawte will issue you a new Certificate.

You can check the status of your Digital Certificate by clicking the Check Certificate Status link in the Order Details view of the Digital Certificate Order. Once the Certificate is issued, you can retrieve the same from the above interface itself and install this renewed Certificate on your web server.

Reissuing your Digital Certificate

You would generally need to reissue your Digital Certificate in the following events:

  • You lose your Private Key,

    OR

  • You lose your Private Key Passphrase,

    OR

  • Your Private Key file gets compromised due to the server being hacked,

    OR

  • You wish to make changes to the domain name for which you have issued a Digital Certificate. This could be because of the following reasons:

    • Host name was left out when the Key/CSR pair was generated on the server,

      Example:

      The Private Key/CSR pair was generated on the server for yourdomain.com but the domain name being secured is www.yourdomain.com.

    • Incorrect host name filled in when the Key/CSR pair was generated on the server,

      Example:

      The Private Key/CSR pair was generated on the server for secure.yourdomain.com but the domain name being secured is shoppingcart.yourdomain.com.

    • Host name changes, provided that the Top Level Domain (TLD) remains the same,

      Example:

      The Certificate was requested for secure.yourdomain.com but the secure area is now being moved to shopping.yourdomain.com.

    OR

  • You wish to change the Web Server Software Platform where your Digital Certificate has been installed: This could be because of the following reasons:

    • Incorrect server software was selected during the enrollment process

    • Moving to a different ISP or Hosting Company

    OR

  • Your Organizational Unit changes.

Note
  • You are allowed to Reissue your Digital Certificate upto:

    • 3 times during the first 30 days upon issuance,

    • 2 times after the 30 days of issuance

    If you still wish to Reissue your certificate beyond the limits mentioned above, contact 's Support Team at and we will discuss this request with thawte.

    Upon placing a request to Reissue your Certificate, you may check the Certificate status from the Last Certificate Status field under Order Information section in the Order Details view. See details

  • If Privacy Protection is enabled for the domain name, it needs to be disabled while reissuing the Digital Certificate. Privacy Protection may be enabled again once the Certificate has
    been reissued. See details

  • While reissuing a SSL123 Certificate, you must ensure that your Company and domain name details haven't changed since the original details at the time of issuing.

  • A Digital Certificate will not be issued to:

    • A national or resident of Cuba, Iran, Sudan, North Korea, or Syria or any other country where such use is prohibited under United States export regulations

      OR

    • Anyone on the United States Treasury Department's list of Specially Designated Nationals or the United States Commerce Department's Table of Denial Orders.

To reissue your Digital Certificate from your Control Panel

  1. Login to your Control Panel. See details

  2. Search for the domain name for which you have ordered a Digital Certificate and proceed to the Order Details view. See details

  3. Click the Reissue Certificate link.

  4. Provide the following details:

    • Reissue Email Address: The Admin and Technical Contact Email Address specified at the time of Certificate Enrollment would be displayed here. Choose one of them as the Reissue Email Address. The reissued Certificate would be sent to this email address.

    • Software Type - Select the Web Server software on which your website/domain name is hosted. The options available are IIS and Other.

      Note
      • If your website/domain name is hosted on Windows server, you need to choose the software type as IIS.

      • If your website/domain name is hosted on Linux server, you need to choose the software type as Other.

    • Certificate Signature Request: Mention your new Certificate Signature Request in the text box. See details

  5. Click the Reissue Certificate button.

Note

Once your reissue request has been validated, an email requesting re-approval for the Certificate is sent to the Approver Email Address specified at the time of Certificate Enrollment. See details

Once thawte reissues your Certificate, you may retrieve the same from within your Control Panel and install the same on your web server.

Note
  • In case your reissue request is rejected and the Digital Certificate is Revoked by thawte, then:

    • You will not be eligible for a refund, and

    • You need to delete the Digital Certificate. See details

  • If you have secured multiple servers through Additional License(s) purchased for a Digital Certificate and the Digital Certificate gets reissued, you need to install the reissued Certificate on all the servers. However, you will not be required to purchase Additional License(s) for the reissued Certificate. See details

Displaying the thawte Trusted Site Seal on your website

Once you have been issued a thawte Digital Certificate, you need to install the same on your website. You may also wish to display the thawte Trusted Site Seal that confirms to your website visitors that your site is secured by thawte and the date until when your Digital Certificate is valid.

Note

thawte has upgraded their seal server infrastructure on 19 October, 2009. If you have installed the thawte Trusted Site Seal code on your website prior to this date, you must generate fresh code and install the same.

Retrieving and Displaying the thawte Trusted Site Seal on your website

  1. Visit https://www.thawte.com/ssl/secured-seal/index.html?click=main-nav-products-siteseal.

  2. Click the DOWNLOAD YOUR THAWTE TRUSTED SITE SEAL button.

  3. Select your Site Seal by specifying the following details:

    • Language for the seal and the seal verification page.

    • Size of the seal display

    • Layout for your seal

    • Common name for your Digital Certificate.

    Note
    • The common name must match the one used for your Digital Certificate.

    • https:// or https:// are not to be included in the common name.

  4. Select the I accept the Conditions of Use for the Thawte Trusted Site Seal. checkbox.

  5. Click the CREATE SCRIPT button.

  6. Click Select all to select the code generated.

  7. Copy the code directly into your webpage code.

    Note

    Emailing or copying the code into a word processor may result in errors.

Note
  • thawte prohibits display of the Thawte logo unless that website is secured by a Thawte Trusted Site Seal.

  • The Site Seal will be displayed on your website within about 2 hours, after installation.

  • Once the Site Seal starts appearing on your website,

    • Confirm that it appears as expected.

    • Click it and verify the information on the seal verification page.

Installing your Digital Certificate on your Web Server

Once you have been issued your Digital Certificate, you need to install it on your web server.
See details

Depending upon the type of Digital Certificate that you have purchased and the web server where you intend to install your Digital Certificate, you need to refer to the
appropriate instructions provided below:

Digital Certificate Name thawte Digital Certificate Name Installation Instructions CA Bundle

SGC SuperCert

SGC SuperCert(Anchor: sgc) Certificate

Web Server Certificate

SSL Web Server(Anchor: webserver) Certificate

SSL123 Certificate

SSL123(Anchor: ssl123) Certificate

Wildcard Server Certificate

Wildcard(Anchor: wildcard) Certificate

Note
  • If you wish to secure your domain name on multiple servers, you need to purchase Additional License(s) for your Digital Certificate and install your Digital Certificate on these
    servers. See details

  • The thawte Cross Root CA and Intermediate CA need to be either copy-pasted together or installed as a single .crt file,
    such that they are mentioned together separated by their individual '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----'.

    We have downloaded the thawte Cross Root CA and Intermediate CA from thawte and included them in their individual .crt files. You may
    download the respective CA Bundle from the above table, depending upon the type of thawte Digital Certificate you have purchased from .

    Note

    The CA Bundle needs to be installed on your web server.

  • In order to install the Digital Certificate on certain web servers such as Microsoft Exchange 2010, it is recommended that the Digital Certificate is in the PKCS#7 file format.

    The Digital Certificate that provides is in the X.509 format. It can be converted to the PKCS#7 format through the link https://www.sslshopper.com/ssl-converter.html.

  • Upon installing your digital certificate, you should confirm that it has been installed correctly.

Checking the Status and Retrieving your Digital Certificate

The Digital Certificate Status interface allows you to both check the Status of Digital Certificate as well as retrieve the same upon issue. A Digital Certificate may be issued to you:

  • After you have Enrolled for a Certificate

    OR

  • After you have requested your Digital Certificate to be Reissued

    OR

  • After you have requested Renewal of your Digital Certificate.

To check the status of your request and retrieve your issued Digital Certificate

  1. Login to your Control Panel. See details

  2. Search for the Digital Certificate and proceed to the Order Details view. See details

  3. Click the Check Certificate Status link. Here you would see the status of your Digital Certificate, under the following heads:

    • Digital Certificate Status

      This would list the Certificate Status alongwith status of the verification process of your Company Registration (Pending/Verified), Domain Ownership (Pending/Verified), Tel No. (Pending/Verified) and Verification Status (Pending/Issued/Revoked).

      Once the Certificate has been issued, this section would display the following:

      • Serial No.: This is a hexadecimal serial number issued by thawte to uniquely identify your Digital Certificate.

      • Certificate: When a Digital Certificate is issued to you, it would be available in this text box. Your Digital Certificate would be encapsulated within these tags

        -----BEGIN CERTIFICATE-----

        [Encoded Data]

        -----END CERTIFICATE-----

        You need to copy the entire contents of this text box (including the above tags) and install it on your Web Server Software.

    • Digital Certificate Details

      Here you would find important information related to your Certificate order and the Digital Certificate after it is issued.

      • Is Renewable: You can renew your Digital Certificate within 90 days prior to its Expiry. However, it will only be issued 32 days before your current Certificate expires.

        The status of this field will become Yes only 90 days prior to its Expiry and otherwise display No. See details

      • Is Reissueable: The status of this field would remain as No until a Digital Certificate is issued. Post that this field would list Yes until the Digital Certificate expires or the Certificate gets Revoked. See details

Once you have been issued a Digital Certificate, you need to install the same on your web server. See details

Note

If you wish to secure your domain name on multiple servers, you need to purchase Additional License(s) for your Digital Certificate and install your Digital Certificate on these servers. See details

Cancelling your Digital Certificate Order

If you have made a mistake while submitting your Digital Certificate request, then you may Cancel your Order before the certificate is actually issued to you. Follow the below mentioned process to cancel your Digital Certificate:

  1. Login to your Control Panel. See details

  2. Search for the Digital Certificate and proceed to the Order Details view. See details

  3. Click the Cancel Order link.

  4. If you are sure that you wish to abort your Ordering process, you may click the Confirm Cancellation button. In the popup window, you need to type YES (in capital letters) and click OK to complete this process.

Note
  • The Cancel Order link will only appear for a Digital Certificate Order which is in the Active status. An Active Digital Certificate is one which has been paid for. To cancel an InActive Order, you need to cancel the Pending Invoice associated with the Order, from the Billing interface. See details

  • Once you Enroll for a Digital Certificate, you can not Cancel your Digital Certificate Order.

  • Cancellation of a Digital Certificate Order results in a refund of the Invoiced amount in your Debit Account.

IMPORTANT: Get your Digital Certificate Issued (Digital Certificate Enrollment Process)

Once you have paid for your Digital Certificate Order, your order becomes Active within the system. However, you need to complete the Certificate Enrollment Process, before the Certificate can be issued to you.

Note
  • You need to successfully Enroll your Digital Certificate within 5 days, since the date this Order became Active. In the event that you do not complete your Enrollment process within this period, your Digital Certificate Order will get automatically Cancelled and you would receive a refund.

  • A Digital Certificate will not be issued to:

    • a national or resident of Cuba, Iran, Sudan, North Korea, or Syria or any other country where such use is prohibited under United States export regulations, or

    • anyone on the United States Treasury Department's list of Specially Designated Nationals or the United States Commerce Department's Table of Denial Orders.

Follow the instructions mentioned below to get your Digital Certificate issued:

Step 1. Generate a Private Key and Certificate Signature Request (CSR) from your web server

Before you begin the process of obtaining a Certificate, you must generate a minimum of 2048-bit Private Key and CSR pair from your web server. See details

Step 2. Submit your Organization Details, Contact Details and Certificate Details to thawte

Before a Digital Certificate can be issued to you, we need to send a request to thawte with some information about yourself and your business. Follow the process mentioned below to request your Digital Certificate:

  1. Login to your Control Panel. See details

  2. Search for the Digital Certificate and proceed to the Order Details view. See details

  3. Click the Enroll Certificate link.

  4. Mention the following details and click the Enroll button:

    A. Organization Details

    • Provide complete details of your organization such as Organization Name, Address, City, Region, Zip, Country and Phone number.

    B. Contact Details

    • Admin Contact Details: Provide the Admin Contact details while giving special emphasis to the email address that you mention herein. You need to ensure that the email address mentioned herein, matches with the Administrative Contact Email Address as displayed in the Whois of the domain name. Please ensure that this information is not kept hidden for anonymity purposes, since the Digital Certificate would be sent to this email address.

    • Technical Contact Details: You need to ensure that the email address mentioned herein, matches with the Technical Contact Email Address as displayed in the Whois of the domain name. Please ensure that this information is not kept hidden for anonymity purposes, since the Digital Certificate would be sent to this email address.

      If the Admin Contact Email address matches that of the Technical Contact's, as per the Whois of the domain name, then you may simply select the available check box, to set the same details as the Admin Contact's.

    Note
    • If Privacy Protection is enabled for the domain name, it needs to be disabled before submitting the Contact details to thawte.

      Privacy Protection may be enabled again once the Certificate has been issued.

    • Until thawte verifies that both the email addresses match, you would not be issued your Digital Certificate.

    • In case of SGC SuperCert, Web Server and Wildcard Server Certificates, it is necessary to provide the real name of an individual in the Admin and Technical Contact Details. Otherwise, the Certificate would not be issued.

    C. Approver Email

    You need to select one of the following as the Approver Email Address:

    • Admin Contact Email Address: as mentioned in the Contact Details section above

    • Technical Contact Email Address: as mentioned in the Contact Details section above

    • A pre-determined email address on the domain name for which you are requesting the Certificate - You need to either select admin, administrator, hostmaster, webmaster or postmaster from the drop down list

      Note

      In case you are requesting a Digital Certificate for a sub-domain, select an email address on the appropriate domain/sub-domain from the drop-down menu. For example, if you are requesting a Digital Certificate for abc.yourdomainname.com, you may select a pre-determined email address on yourdomainname.com or abc.yourdomainname.com, depending on whether you have email accounts setup on the primary domain name or the sub-domain.

      You need to activate this email address before selecting the same here. A pre-determined email address with the domain name is recommended as the Approver Email Address.

    • support@geotrust.com: This option needs to be selected only in extreme conditions when none of the other email addresses can be used. If you select this option thawte would contact you and determine an alternate Approver Email Address. By selecting this option, your Certificate issuance could be delayed by several business days.

    thawte will send an email requesting review and approval, for the Certificate requested to the Approver Email Address specified.

    D. Certificate Details

    • Software Type: Select the Web Server software on which your website/domain name is hosted. The options available are IIS and Other.

      Note
      • If your website/domain name is hosted on Windows server, you need to choose the software type as IIS.

      • If your website/domain name is hosted on Linux server, you need to choose the software type as Other.

    • Certificate Signature Request: This is the CSR (Public Key) you have generated for the purpose of obtaining a Digital Certificate from thawte.

Step 3. Complete the thawte Authentication formalities

After you have enrolled for a Digital Certificate, thawte would contact you at the Approver Email Address specified and may request you to provide them with some documentation such as:

  • Proof of Organizational Name

  • Proof of Right to Use Domain Name

  • Proof of Organizational Telephone Number

Note
  • The above mentioned process is to be followed in case you have ordered an SGC SuperCert, Web Server Certificate or a Wildcard Server Certificate.

    In case you have ordered an SSL123 Certificate, once you have approved the Digital Certificate request email, thawte would try to automatically complete the Certificate enrollment.

  • If you do not complete your verification process soon, thawte may reject your Digital Certificate request and may send you an email informing you that your Digital Certificate has been Bogused / Rejected.

    However, should you subsequently complete the authentication formalities within 90 days of the Enrollment Date, thawte would issue you your Digital Certificate.

Once you have completed all these formalities, thawte will issue the Certificate and email you a confirmation.

Step 4. Check the Status of your Digital Certificate and retrieve your Digital Certificate

Once you have completed the enrollment process, thawte would begin verifying the data you have submitted to them and once satisfied, issue you your Digital Certificate. You can continue checking the status of your Digital Certificate request from your Control Panel and retrieve the same from your Control Panel itself. See details

Listing, Searching and Managing Digital Certificate Orders

In order to manage your Digital Certificate Orders, you need to search for them from within your Control Panel with , and access
their Order Information view.

To List/Search and Manage Digital Certificate Orders

  1. Login to your Control Panel:

    For Resellers: See details

    For Customers: See details

  2. Next, click

    For Resellers: Products -> List All Orders.

    For Customers: Manage Orders -> List/Search Orders.

  3. Search for the Digital Certificate Orders by selecting Digital Certificate under the For Product drop-down menu.

    Note

    For Resellers: You may search for Orders belonging to your Sub-Resellers by selecting the Include Sub-Reseller's results
    check box.

  4. On the next page, you would see a list of Digital Certificate Orders bought through . Click any domain name to reach its
    Order Information view, from where you can perform any modifications to the Order.

Additional Information

For Resellers: You can also use the Search Bar on the Control Panel home page to bring up the Order Information view for a Digital Certificate Order. This Search Bar will also be available on the topmost menu bar, in every page of the Reseller Control Panel.

  1. Provide the domain name in the search field.

  2. Select Order from the drop-down menu.

  3. Click the Search button.

  4. On the next page, click the Digital Certificate tab.

Additional License

A Digital Certificate by itself can be used to secure a domain name, on a single server only. Each additional server that you plan to host your domain name on, would also need to be similarly secured; and that's where an Additional License is needed. It licenses usage of the same digital certificate across multiple servers.

The advantage of buying Additional Licenses as compared to multiple digital certificates is that, it removes the delay in issuance caused due to generation of a Certificate Signing Request (CSR), completing the Enrollment process and then undergoing the authentication process conducted by thawte. Moreover, Additional Licenses work out to be a much cheaper solution than buying individual digital certificates.

Note
  • Additional License(s) can be bought only at the time of purchasing/renewing the parent Digital Certificate. If however, you have already purchased the parent Digital Certificate without mentioning the number of Additional License(s) required, then you have the following options:

    • If the parent Digital Certificate has been issued in the last 25 days, Deleting the certificate will get you a full refund and then you may purchase another, while mentioning the number of Additional License(s) required. See details

    • If the parent Digital Certificate is over 30 days old, then you have the following two options:

      • At the time of Renewal of the parent Digital Certificate, you specify the required number of Additional License(s)

        OR

      • You can Delete the parent Digital Certificate order and purchase another, while mentioning the correct number of Additional License(s) required.

  • You cannot specify the duration of an Additional License while purchasing the same. The duration of an Additional License will depend upon the duration of its parent Digital Certificate.For example, if you
    are purchasing a Digital Certificate for one year, then an Additional License for such a Digital Certificate will be a one year License. Likewise, it will be a two year Additional License if the duration of the Digital Certificate is two years.

  • Additional License(s) can only be used for servers which have the same software installed on them and the same associated common name.

    Additional Information
  • Once purchased, an Additional License cannot be deleted. However, deletion of the parent Digital Certificate would render the Additional License(s) invalid.

  • You need to simply retrieve the parent Digital Certificate and install the same on multiple servers. The number of servers (excluding the primary server) on which the Digital Certificate can secure your domain name will be equal to the total number of Additional Licenses you have purchased for this Digital Certificate.
    See details
    See details

  • To renew Additional License(s), you need to simply renew the parent Digital Certificate, while specifying the number of Additional License(s) needed. This is because an Additional License is, in fact, just a license to use the parent Digital Certificate across multiple servers. See details

Types of Digital Certificates available through firstfoot Interactive Pvt Ltd.

sells four types of thawte Digital Certificates. They are as follows:

SGC SuperCert

The Server Gated Cryptography (SGC) digital certificate is our premium SSL certificate, providing the highest possible protection in all circumstances. The SGC SuperCert offers 256-bit encryption in all browsers (released after Microsoft Internet Explorer 4.x or Netscape 4.06). In older-browsers it ensures a minimum of 128-bit encryption to 99.9% of all users, even if the user's browser supports only
40-bit or 56-bit encryption.

Note

You need an SGC SuperCert instead of our Web Server Certificate, if any of the following are true for your business:

  • You have an International (non-US) audience/customer-base, or/and

  • You need to provide the highest possible encryption for each and every visitor to your website, or/and

  • You conduct medium to high-value e-commerce transactions via your web interface.

SGC SuperCert Features and Benefits

Encryption

256-bit with lowest possible encryption level of 128-bit protection for 99.9% of users even with older browsers

Browser Ubiquity

Highest in industry

Certificate Details

Domain and identity authentication and verification

Certificate Authentication

Stringent Business Verification and Authentication

Average Issuance Speed

Less than 2 days

thawte Trusted Site Seal

Yes - free (available in multiple languages)

Root CA

Yes

Free Reissues

Upto 5 times from Issuance until Expiry See details

Secures Internationalized Domains

Yes (thawte is the first Certification Authority to have all its SSL certificates support IDN character sets.)

SGC Technology

Yes (only a few CAs can offer this.)

Web Server Certificate

The thawte SSL Web Server Certificate offers comprehensive authentication procedures (domain name and identity verification). It also offers 256, 128, 56 or 40-bit encryption depending on your client's browser capability and the cipher suite installed on your web server. This ensures that information is kept private while in transit between your web server and your client's web browsers.

Web Server Certificate Features and Benefits

Encryption

Upto 256-bit encryption enabled

Browser Ubiquity

Highest in industry

Certificate Details

Domain and identity authentication and verification

Certificate Authentication

Stringent Business Verification and Authentication

Average Issuance Speed

Less than 2 days

thawte Trusted Site Seal

Yes - free (available in multiple languages)

Root CA

Yes

Free Reissues

Upto 5 times from Issuance until Expiry See details

Secures Internationalized Domains

Yes (thawte is the first Certification Authority to have all its SSL certificates support IDN character sets.)

SGC Technology

No

SSL123 Certificate

SSL123 is thawte's entry level certificate which provides validation that your domain is registered and that you have authorized the purchase of the certificate. Through SSL encryption, the certificate assures that information is kept private between your web server and your client's web browsers.

Note

Your choice of digital certificate depends mainly on whether you require your company details added to the certificate contents. If not, then SSL123 is an ideal choice of product as it provides the added benefit of quick issuance.

SSL123 Certificate Features and Benefits

Encryption

Upto 256-bit encryption enabled

Browser Ubiquity

Highest in industry

Certificate Details

Domain name verification only

Certificate Authentication

Domain name check and validation

Average Issuance Speed

Less than 1 day

thawte Trusted Site Seal

Yes - free (available in multiple languages)

Root CA

Yes

Free Reissues

Upto 5 times from Issuance until Expiry See details

Secures Internationalized Domains

Yes (thawte is the first Certification Authority to have all its SSL certificates support IDN character sets.)

SGC Technology

No

Wildcard Server Certificate

The thawte Web Server Wildcard Certificate allows you to conveniently secure multiple sub-domain names on one domain name on the same server using *.yourdomainname.com pattern for the common name. You need not spend time, money and effort on obtaining certificates for different sub-domain names on a domain name.

The Wildcard Server Certificate offers comprehensive authentication procedures (domain name and identity verification). It also offers 256, 128, 56 or 40-bit encryption depending on your client's browser capability and the cipher suite installed on your web server. This ensures that information is kept private between your web server and your client's web browsers.

Wildcard Server Certificate Features and Benefits

Encryption

Upto 256-bit encryption enabled

Browser Ubiquity

Highest in industry

Certificate Details

Domain and identity authentication and verification

Certificate Authentication

Stringent Business Verification and Authentication

Average Issuance Speed

Less than 2 days

thawte Trusted Site Seal

Yes - free (available in multiple languages)

Root CA

Yes

Free Reissues

Upto 5 times from Issuance until Expiry See details

Secures Internationalized Domains

Yes (thawte is the first Certification Authority to have all its SSL certificates support IDN character sets.)

SGC Technology

No

Note
  • If you wish to secure your domain name on multiple servers through the use of any of the above Digital Certificates, you need to purchase Additional License(s) for your Digital Certificate. See details

  • The Wildcard Server Certificate does not secure the root domain name. For example, a Wildcard Server Certificate for *.yourdomainname.com will secure all sub-domains on yourdomainname.com, but not yourdomainname.com.

  • The Certificate issuance speed depends upon a lot of factors like the Admin or Technical Contact may not have completed thawte's verification yet. This could lead to the overall delay in the Certificate issuance.

Digital Certificates that would suit your business

Depending upon the type of application/interface you wish to secure, you may choose one of the four digital certificates sold by :

Typical Applications for Digital Certificates

SGC SuperCert

Web Server and Wildcard Cert

SSL123 Cert

Securing Web domains

Yes

Yes

Yes

Securing gateways (eg. Citrix Secure Gateways)

Yes

Yes

Yes

Securing multiple hosts for a domain on the same server

N/A

Yes (with Wildcard Cert)

N/A

Securing web forms for e-commerce sites

Yes

Yes

Yes

Securing IMAP/POP Mail Servers such as Microsoft Exchange and Outlook Web Access

Yes

Yes

Yes

Securing SMTP mail transfers through STARTTLS (Start Transport Layer Security) connections

Yes

Yes

Yes

Securing transfer connections to FTP servers (FTPS connections)

Yes

Yes

Yes

SSL VPN.s

Yes

Yes

Yes