Step Two: Configuring an SSL Certificate

  1. CSR Generation
  2. Configuration
  3. Validation
  4. Issuance
  5. Installation
  6. Site Seal Installation

'Configuration' consists of gathering and submitting the specific information so that your order and domain ownership can be validated. Proving you are who you say you are, and that you control/own the domain and website you're going to attach the SSL certificate to, is part of what makes SSL certificates secure and trustworthy.

The steps below should be followed only once a CSR Key has been obtained (as was covered in Step One).

Process Overview

  1. Once logged into your account at, browse to: My Account > Manage >SSL Certificates
  2. Click on the Not Configured section on the left, and then on the domain name of the certificate

Enter Certificate background info

Quite a bit of information is required in order to configure an SSL certificate. You'll be providing information about the


Paste in the aforementioned CSR key from Step One in its entirety and click the Decode button. The information used to create the CSR Key in Step One should successfully be decoded and displayed below. This information should be reviewed for accuracy, in particular the domain name which is displayed. If any information is incorrect, go back to Step One and repeat the steps to generate an updated CSR Key.

Domain Validation

Certificate validation is the process of proving you control the domain (and website) that the SSL certificate will be attached to. This is a security measure to ensure that SSL certificates are only issued to the legitimate owner of a website.

Validation can be performed either by email or DNS record. Either method can be used, and your choice is based on preference, convenience and feasibility.

Verification via Email or DNS

Verification of control of your domain name can be performed either by:

  1. Responding to a verification email which is sent to a predetermined email address, or
  2. Inserting predetermined DNS records into the DNS zone for the domain.

Verification via Email

Pros: Conceptually, this verification method is easier to understand than DNS, and therefore often more convenient

Cons: The list of possible verification email addresses is fixed. If none of the selectable email addresses exist, and you cannot create one of them temporarily, then email verification cannot be used.

Verification Overview: A verification email will be sent to a specified email address . If you can receive and respond to this email, it demonstrates that your have control over the domain and related email services - i.e. you are the owner of the domain.

Process: Specify the Verification email address that the Verification Email and eventual SSL Certificate will be sent to once generated. Only one of several generic predetermined alternatives can be used.

The generic, predetermined addresses are:

Once all the configuration information on this page is submitted, watch the selected email inbox for a verification from the Certificate Authority (GeoTrust, RapidSSL, Digicert, etc). Within the email will be a link to click on. Click the link to visit the verification webpage for your SSL Certificate and complete the steps presented on-screen.

Verification via DNS

Domain validation via DNS Record requires a one-time DNS record to be applied to the domain name by the domain owner. The Certificate Authority (CA - GeoTrust, Sectigo etc) will then check for the existence of this record. Once found, ownership (or control of) the domain name will be validated and the certificate can then be issued.

Pros: If Webnames also hosts your DNS records, we can create and add the necessary records for you automatically.

Cons: If you don't have easy access to your domain's DNS (which is most often located within your website hosting account), then DNS verification can prove difficult.

Verification Overview: DNS is a behind-the-scenes component of domain names that is used to connect a domain name to services like web hosting and email. Typically only the domain owner has access to the DNS of a domain, and so by adding a specified record to the DNS of a domain, you can demonstrate that you are the owner of a domain.

Process: When selecting DNS as a Domain Validation method, you will need to add specific DNS records to your DNS Zone. This task is done via your DNS provider, which is often also your web hosting provider.

Applying the DNS Record to your domain

Once all the configuration information on this page is submitted, the specific DNS record that needs to be added will be displayed on-screen along with further instructions. The issuing Certificate Authority (GeoTrust, RapidSSL, Digicert, etc) will automatically look for the presence of the required DNS record. Typically lookups happen at an interval of diminished frequency, for example once every 5 minutes, then once every 15 minutes, then 30, 60 etc.

Admin Contact Information

Accuracy and completeness of the Contact information in the next three sections is important. While basic certificates only validate that you have control of the associated domain name (known as Domain Validated, or DV Certificates) higher-security certificates that employ processes such as Organizational Validation (OV) and Extended Validation (EV) will result in the information you submit being verified by actual humans against available government records.

See also: "Domain Validated Certificates"

See also: "Organization Validated Certificates"

See also: "Extended Validation Certificates"

On the page, specify the Administrative Contact information for the Certificate. This is typically the same individual as the Admin Contact for the domain name.

Include Technical Contact Information, if different than that of the Administrative Contact defined above.

Include Organization Information (this section only appears for Organization Validated certificates)

Note: It is best practice that the contact information you provide for the SSL certificate match the contact information for the domain name.

This information can be obtained via your Webnames account, if applicable or via WHOIS lookup.

Additionally, the WHOIS information for the domain must be publicly viewable so that the contact information you submit via this step can be verified via a WHOIS lookup by the Certificate Vendor (GeoTrust, Digicert, Symantec etc.).

In the case of Organizationally Validated SSL Certificates, domain privacy services typically need to be disabled so that it can be shown that the domain name, certificate and business / organization are all the same party.

See also: "Enabling Disabling or Canceling Webnames Privacy"

Click Continue to Proceed to the next page.

Once the above information has been submitted, approval and validation steps will commence.

Note: If the SSL Certificate will be for a Major Corporation, a well-known Trademark, or any Financial Institution, the Admin Contact must be an employee of the company. Additional verification will also be performed in this case via telephone.

See also: "Approval and Validation"

Please click your SSL Certificate type below for more information on Validation steps

Domain Validated Certificates Organization Validated Certificates Extended Validation Certificates
GeoTrust QuickSSL DigiCert OV Multi-Domain SSL Certificate DigiCert EV SSL Certificate
GeoTrust Quick SSL Premium DV SSL Certificate Digicert Secure Site Pro OV SSL Certificate DigiCert EV Multi-Domain SSL Certificate
GeoTrust Quick SSL Premium DV Multi-Domain SSL Certificate Digicert Standard OV SSL Certificate Thawte EV Multi-Domain SSL Certificate
GeoTrust SAN SSL Certificate Digicert OV Wildcard SSL Certificate GeoTrust True Business ID EV SSL Certificate
Rapid SSL DV SSL Certificate GeoTrust True Business ID OV SSL Certificate GeoTrust True Business ID EV Multi-Domain SSL Certificate
Rapid SSL DV Wildcard SSL Certificate GeoTrust True Business ID OV Wildcard SSL Certificate Sectigo EV SSL Certificate
Sectigo PositiveSSL DV SSL Certificate GeoTrust True Business ID OV Multi-Domain SSL Certificate  
Sectigo DV SSL Certificate Thawte OV Multi-Domain SSL Certificate  
Sectigo DV Wildcard SSL Certificate Thawte Web Server OV SSL Certificate  
Sectigo PositiveSSL DV Wildcard SSL Certificate Sectigo InstantSSL OV SSL Certificate  
Thawte DV Multi-Domain SSL Certificate Sectigo OV Multi-Domain SSL Certificate  
Thawte DV Wildcard SSL Certificate Sectigo InstantSSL Premium OV Wildcard SSL Certificate