Hello, how can we help you?
SSL (Secure socket layer) is a standard security technology that provides secure communications between a web server and a browser. SSL uses a combination of public key and private key encryption to protect sensitive information like credit card numbers, login credentials, email addresses, etc. Furthermore, HTTPS, padlock and green address bar ensure users for a safe website browsing and online transactions.
Domain Validated (DV) SSL Certificates deliver the easiest & quickest solution to secure a domain since only the domain name is verified during the validation process. Anyone who can demonstrate control of a registered domain can get this SSL security within minutes of ordering. DV certificates are suitable for small or start-up businesses.
To receive an Organization Validated (OV) SSL certificate the customer must demonstrate control of a registered domain and provide certain pieces of company information that Certificate Authority (CA) can verify using third-party sources. The OV certificate is a good solution for business sites to increase user trust as the certificate certifies and displays company information to prove ownership of the website.
An Extended Validation (EV) certificate is the premium SSL certificate. It provides great assurance to customers by providing the Green Bar within the browser URL window, which is a global symbol of trust. Extended Validation (EV) SSL certificates provide a secure connection and provide visible proof to establish business identity validation.
An Extended Validation (EV) SSL Certificate is only the certificate that provides the Green Bar.
A Wildcard SSL Certificate secures a single main domain (domain.com) and an unlimited number of subdomains (mail.domain.com, blog.domain.com, login.domain.com etc.) A wildcard certificate is annotated with an asterisk, as in *.domain.com.
Multi Domain or SAN (Subject Alternative Names) certificate protects multiple domain names with a single certificate (domain.com, example.net, website.org etc)
A wildcard certificate secures a single domain (domain.com) and an unlimited number of sub-domains at a specific level. A multi-domain (SAN) certificate protects multiple domain names (domain.com, newdomain.org, otherdomain.com) under one certificate.
256 bit encryption is supported by all the certificates provided by us.
SHA stands for Signature Hashing Algorithm which is used by the Certificate Authority to sign a certificate. SHA-1 is an older version of the algorithm and produce a 160-bit (20-byte) hash value. SHA-2 is the current hashing algorithm standard.
Yes, we deal in most well-known brands in SSL industry, and their root is available in most on the known browsers. They come with 99% browser compatibility and browser ubiquity.
SSL Certificate Warranty provides protection if your SSL is misused, hacked or met with a data breach due to flaws in the certificate. All the certificates which we provide come with SSL warranty.
SSL Certificate we provide are valid from 1-3 years .EV Certificates can be ordered only for max 2 years and DV & OV certificates can be obtained for up to 3 years.
An Intermediate Certificate is a CA Certificate that completes the chain between an SSL certificate and the trusted root in the web browser.
Internal domains can be secured through SSL but it must be an official registered domain (a publicly available FQDN). SSL certificates will not be issued for internal domains if it is not a registered or delegated domain.
The main difference is the key length after establishing an SSL connection in the browser. But practical purpose, 128 bit security is enough to ensure security. The only reason 256-bit security is needed is if it's specifically required by your industry or company policy.
You can secure up to 100 domains under SAN certificates though the figure might change with the change in the SSL brand.
For security reasons, you will need to have your SSL Certificate re-issued in these instances. You will need to create a new CSR and share it with us so that we can reissue the certificate.
All major web and mobile browsers are compatible with the SSL certificates provided by us.
If there are some browsers which are incompatible with it, then those browsers are either very old, and nobody uses them anymore, or they are custom made browsers, and again, very few or no people use them.
Thirty Days (30) from the date of issuance of certificate, you can contact us to make changes to the certificate like Common Name change, Organization change, etc. After the given time span, we will not be able to make changes.
Yes, all the certificates which we provide comes bundled with free reissues features within the expiry of the certificate
The SSL certificates are universal in nature and will support all the servers which are capable of doing SSL handshaking. SSL Certificates are not server specific.
Yes, all the certificates which we provide support TLS protocol. But in order to use it, the certificate is dependent upon the server settings. In short, whatever protocols or ciphers are enabled on the server, the certificate will support it.
You can use following platforms to sign -
NO, you have to procure a complete new EV certificate .
The web server details are for our records and support purposes only. The certificates are the same format irrelevant of the web server chosen.
For a quotation request you can perform a offline transaction, after the transaction is completed you can download invoice which you can use as a quotation.
Find your Country Code from the list provided below
Country Codes are required when creating a Certificate Signing Request. The SSL Certificate Country Codes that you need to enter when creating your CSR are as follows:
SSL Certificate Price starting from ₹501/year up to ₹50,000/year depending on your needs and requirements. SSL Certificates from Https.In are of affordable Price. Also, you get free technical support for Lifetime.
Use SSL Expert AI Tool to Choose Best SSL Certificate for your Websites according to your requirement. All the Certificates comes with a strong encryption level of between 128/256 bit.
Yes, SSL Certificate reflects the credibility of the business and the website, as it evokes trust to do business with you. If your website does not have an SSL Certificate then when a visitor visits your website he will see "Not Secure".
Your trial certificate is a fully-functional SSL Certificate, with exactly the same browser ubiquity and encryption as our other certificates. This is so that you can fully-test your systems prior to roll-out. As such, the trial certificate must be validated to the same standard as other certificates in our range. This validation process is utilized for every application put to us.
Yes, it needs to be validated again as because every CA has its own stringent rules of validating the information provided to them.
Yes, you have to go ahead & send us the documentation once again as it will be considered as a new purchase
The time required to issue a new SSL certificate depends on many factors. The SSL certificate type, the validation process, and how quickly you respond with requested information from us or the certificate authority communications.
All major web and mobile browsers are compatible with the SSL certificates provided by us.
If there are some browsers which are incompatible with it, then those browsers are either very old, and nobody uses them anymore, or they are custom made browsers, and again, very few or no people use them.
Your trial certificate is a fully-functional SSL Certificate, with exactly the same browser ubiquity and encryption as our other SSL Certificates. This is so that you can fully-test your systems prior to roll-out. As this is a free service we have to limit the number of trial certificates that we offer.
Yes. If you want to renew your certificate within 90 days prior to certificate expiration then we can migrate existing days to the new certificate you want to purchase.
No, you have you generate a fresh CSR and share it with us so that we can issue a certificate.
Thirty Days(30) from the date of issuance of certificate, you make changes to the certificate like Common Name change, Organization change, etc. After the given time span, you will not be able to make changes.
Yes, all the certificates which we provide comes bundled with free reissues features within the expiry of the certificate
Certificate Authorities recognizes that strong validation is essential for the continuing growth of ecommerce. Before issuing a certificate we need to validate both that the applicant owns, or has legal right to use, the domain name featured in the application and secondly that the applicant is a legitimate and legally accountable entity. To do this we need to have access to documentation which verifies these two factors.
You do not need to provide any documentation in order to purchase a Domain Validated (DV) certificate. All you will need to do is confirm that you own the domain you wish to cover by confirming the DRC mail which you will receive for the CA end.
Organization Validated (OV) verification requires checking your business registration. If the Certificate Authority (CA) can verify this information using online government databases, no additional documents will be required. However, if the online filings are not available or inaccurate or not up to date, the CA may request additional official government registration documents, which vary on a case-by-case basis.
Please find the list of documents to be provided given below :-
a) SSL Documentation Form,
b)Acknowledgement of Agreement letter
c)Professional Opinion Letter (if required)
Certifying Authority(CA) will resend the DRC mail or POL (Professional Opinion Letter) is an alternative.
In order to reschedule this, please contact us and provide your availability. Please note, not all telephone numbers are suitable. The number must be verified by the Certificate Authority (CA), so please confirm the number that the CA will be calling.
After completing validation, We will send the certificate to the email address you provided as your technical contact in proper format. If the technical contact does not receive the email, please contact us after checking your Spam and Junk Mail folders.
Yes, you can do this for EV, OV and DV Certificates.
It depends on the type of certificate and the validation process of the Certificate Authority. Domain Validated (DV) Certificate can take a few minutes to a business day, Organization Validated (OV) Certificate can be issued within 2-3 days to be issued and Extended Validation (EV) Certificate usually take around 5-10 business days to be issued.
We can mention your number which you will be providing in POL (Professional Opinion Letter) and can get it verified for the CA to call you .
The public key that is created on your server must be a minimum of 2048 bits, depending on your server software. This public key will be contained within your digital certificate. The private key, which is used to sign your SSL Certificate, is a minimum 2048 bit.
No, they support the key size as determined by the web server or browser, if the web server or browser can only negotiate 40 or 128 bit then this is the session that is established.
The most likely cause is that an intermediate certificate has not been loaded. Please visit our SSL Certificate Installation instructions in our Online Support Center to confirm that your Certificate has been properly installed.
This error normally occurs due to following reasons:
This happens only when the website is having mixed content issue. In short, the website is requesting http connections over https because of which the padlock is not visible. Please contact your web developer team to help you resolve this issue.
This can occur if you are forcing the web server to load content over http rather than https when you are in SSL mode. Check your HTML code and ensure that you have no references to files or graphics that start with src=http://www. yourcompany.com/directory/file.gif.
If you do have reference like this, they must be relative, such as src=/directory/file.gif or absolute using https, such as src=https://www.yourcompany.com/directory/file.gif.
This error occurs when the certificate is being used on a different fully qualified domain name (FQDN) than the one for which it was issued. For example, if your certificate was issued to www. yourcompany.com, using it on secure. yourcompany.com will result in a name mismatch error.
You may also see this Security Alert if you have not installed the intermediate certificate and rebooted your server.
Internet Explorer :- Internet Explorer can display the protocol version information. Just hit File->Properties or Right-click -> Properties, and a window would open, under Connection.
Firefox :- click the padlock icon (on the left of the URL), then More Information and then under the Technical Details.
Chrome :- Click on the padlock icon; a popup appears, which contains some details, including the protocol version.
For browsers which do not show the information, you can always obtain it running a network analyzer like Wiresharkor Network Monitor
If the Load balancer is facing the internet and is doing the SSL offloading, then you require just One SSL Certificate. The point of a load-balancer is that all your servers appear to the client as one.
Assuming you will be hosting your services behind a domain name, not the IP address (e.g. http://myservice.com, not http://192.168.0.1) the IP address for an SSL does NOT need to be static, it just needs to be dedicated. The problem you're going to have with hosting an SSL service on a dynamic IP address is that you will need to set up your DNS to 'follow' your IP address around.
IP addresses are limited, requiring every website to have its own IP address can cause problems in the long term. Server Name Indication (SNI) is the solution to this problem. Browsers that support SNI will immediately communicate the name of the website the visitor wants to connect with during the initialization of the secured connection, so that the server knows which certificate to send back. This allows browsers/clients and servers supporting SNI to connect multiple certificates for multiple domain names to one IP address. In that case, a visitor to your website will not notice any difference.
There may be several reasons behind why the browser is not showing the green bar or green padlock, check out the most common reasons below -
There may be some specific reasons, when the common name in the certificate and URL in the browser are not EXACT match, when www. is missing in the browser or domain in the certificate, if the web host's certificate is incorrectly assigned to your domain name and sometimes it also happens if you purchased a certificate which not cover the specific subdomain/ domains that you are looking at.
The 1024bit was the old industry standard for SSL certificates. Since 2010 this length is no longer safe enough.The largest certification authorities and their partners have already quit accepting root keys shorter than 2048bit.
It doesn’t really matter if your SSL certificate has 4096bit or 2048bit root key, because both are uncrackable.Most of the certificate authorities support both 2048 and 4096 root key length.Current and most recent browsers support certificates upto 4096
Over the past few years, there have been several fake SSL certificates created, due to lapses at certificate authorities (CAs) and sometimes through compromised server infrastructure. These fake SSL certificates can be utilized to masquerade as legitimate, secure websites, appearing to be verified and authentic, fooling web browsers, so users can't tell that a site they're visiting is not secure.
SSL certificates are essentially the underpinnings of the HTTPS protocol. These certificates are signed by a trusted CA, and each certificate is issued only after it has passed a number of validations to ensure the certificate is requested by the real owner of that domain.
Google's Certificate Transparency is an open source project that aims to fix "structural flaws in the SSL certificate system, which is the main cryptographic system that underlies all HTTPS connections," according to the project's website, certificate-transparency.org.
Certificate Transparency does not stop bad certificates from being issued. Instead, as the name implies, it allows people to look at all certificates that have been issued by a CA. This is achieved using centralized logging to a collection of servers. These log servers talk to one another, to ensure consistency and reveal any unusual activity. Anyone can query the log servers to find out details on certificates that have been issued to anyone, by anyone. For example, a company could check to see what certificates have been created using its domains and details. Other CAs are free to add log servers, and many more will likely appear over time as the popularity of CT increases
A Site Seal is when you purchase a SSL certificate. This Site Seal provides a stamp of legitimacy on your site. It provides a dynamic proof that the CA has verified your business or your organization. This prominently displayed smart site seal guarantees online visitors they will receive the highest level of encryption possible. Clicking the seal reveals the authenticity of your site.
Code signing certificate is a digitally signed certificate that used to prove that the code has not been altered or corrupted since it was signed by the author. You can sign many different types of codes including .exe, .cab, .dll, .ocx, and .xpi files.
The most common platforms are Microsoft, JAVA, Adobe, Android, etc… The platform is used by developers to sign their applications using specific tools. Each platform is different.
You may face trouble to download the code signing certificate and this may happen due to several different reasons. First, if you are not using the default browser which you used to generate CSR or if you are not using browser properly, then you will receive an error message. Second, if you are not using the same PC which generated the order, in this case if you use a different PC than the corresponding private key will be missed and you will not able to download code signing certificate.
A private key is important for SSL installation and it should be kept privately on your server. You should not expose it to your SSL provider or other users. If you have lost or deleted your Private Key, then you must generate a new CSR .
First check your backups and see if you can reinstall the "private key". If you don't know how to re-install the key from your backups, then contact your system administrator, or you can call us for technical support.
The Last Resort is reissuance of the SSL Certificate. To reissue your SSL Certificate, you will need to create a new CSR and submit it to us so that we can reissue the certificate.
The most likely cause is that the intermediate certificate has not got installed. Please install the intermediate certificate to resolve the issue.
A Certificate Signing Request (CSR) is an encoded file that is generated on the server for all SSL Certificates. The CSR file includes information that identifies your organization and domain name.
Please Use the domain name you wish to have the SSL Certificate issued to in the Common Name field when generating your CSR. Do not include the "http://" when entering the domain name, nor any slashes with subfolders after the domain name.
If you use the original CSR and someone has previously acquired the Private Key without your knowledge then you are at risk of attacks during encrypted sessions.
If you use a new CSR then anyone possessing the Private Key looses the ability to decrypt your encrypted sessions when you apply the new certificate issued from the new CSR.
Is the 90-Day Certificate Validity Period Coming Soon?