Skip to main content

Order a GeoTrust DV SSL Certificate

Important

Industry standards change: End of 2-year public SSL/TLS certificates

On August 27, 2020, at 6:00 PM MDT (August 28 at 00:00 UTC), DigiCert stopped issuing public DV, OV, and EV SSL/TLS certificates with a maximum validity greater than 397 days. To learn more about this change, see End of 2-year DV, OV, and EV public SSL/TLS certificates.

To maximize your SSL/TLS coverage, purchase your new certificates with a DigiCert® Multi-year Plan. For more information about these plans, see Multi-year Plans.

Before you begin

  • Certificate signing request (CSR).

    Before you request your certificate, you need to create a CSR. Certificates must use at least a 2048-bit key size. To learn more about generating a CRS, see Create a CSR (Certificate Signing Request).

  • Domain Control Validation (DCV)

    After submitting your request, you must complete the domain validation for the domains you are securing before DigiCert can issue your certificate. See Domain Control Validation (DCV) methods.

Order your GeoTrust DV SSL certificate

  1. Select the DV Certificate you want to order

    In your CertCentral account, in the left main menu, hover over Request a Certificate, and then under DV Certificates, select GeoTrust DV SSL.

  2. Add Your CSR

    We take the common name included in your CSR and add it to the Common name box.

    On the Request GeoTrust DV SSL Certificate page, in the Certificate Details section, upload your CSR to or paste it in the Add Your CSR box.

    Note

    When copying the text from the CSR file, make sure to include the -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- tags.

  3. Common name / SANs

    When you add the CSR to the order form, we take the common name and SANs included in your CSR and add them to the Common name / SANs box.

    Add and remove fully qualified domain names (FQDNs) and wildcard domains as needed so the certificate will secure the domains you want.

  4. How long do you need to protect your site?

    1. Select Select a coverage length.

    2. In the How long do you need to protect your site window, select the coverage for your certificate order.

      • With a 1-year plan, you get a 1-year certificate by default.

      • With 2, 3, 4, 5, or 6-year plans, your first certificate has a 397-day validity by default.

      • With Custom order validity, you can set the order length or the date you want the order to expire.

      • For more information about these plans, see Multi-year Plans.

    3. Select Save.

    4. To modify your SSL/TLS certificate coverage, under Plan details, select the edit icon (pencil).

  5. Certificate Validity

    To modify the validity period for the first TLS certificate in your order, under Certificate Validity, select the pencil icon. You can select 1 yearCustom expiration date, or Custom length.

    • For a certificate with a shorter validity than the order, you need to reissue your certificate to use the remaining validity on the order.

    • Certificate validity determines the length of the first certificate issued for the plan. If needed, you can change the validity period when you reissue your certificate.

    Notice

    Industry standards dictate that the maximum validity period for all public SSL/TLS certificates is 397 days (approximately 13 months).

  6. Auto-reissue

    To set up automatic reissue for this certificate order, check Auto-reissue. With auto-reissue enabled, a reissue certificate request will be automatically submitted when this certificate nears its expiration date.

    Important

    DV certificates don't support domain prevalidation, so we can't reuse the order's domain validation. After we submit your GeoTrust DV SSL certificate request, you must demonstrate control over the domains on the reissue request before we can issue your new certificate.

  7. Prove control over your domain

    Before DigiCert can issue your DV certificate, you must demonstrate control over the domain in your certificate order. To learn more about the available DCV methods, see Domain Control Validation (DCV) methods.

    In the Domain control validation (DVC) method dropdown, select the DCV method you want to use to demonstrate control over the domain on the certificate order.

    • DNS TXT Record (recommended)

      The DNS TXT DCV method allows you to demonstrate control over the domain on your order by creating a DNS TXT record containing a DigiCert randomly generated value.

    • Verification Email

      The Email DCV method allows an email recipient to demonstrate control over the domain by following the instructions in a confirmation email sent for the domain.

    • HTTP Practical Demonstration

      The HTTP practical demonstration DCV method allows you to demonstrate control over your domain by hosting a fileauth.txt file containing a DigiCert randomly generated value at a predetermined location on your website.

      Important

      If you add a wildcard domain to your request, you will not see this option. Industry policy no longer allows the HTTP practical demonstration method for wildcard domains and limits the effective use of the method for subdomains. For more on this policy change, see Domain validation policy changes in 2021.

    • DNS CNAME Record

      The DNS CNAME DCV method allows you to demonstrate control over your domain by creating a DNS CNAME record containing a DigiCert randomly generated value.

    Important

    After submitting your certificate order, you can change the DCV method from the certificate's Order # details page. In the left main menu, go to Certificates > Orders. On the Orders page, in the Order # column, select the DV certificate order's number link.

    Although you can switch DCV methods, you must use the same DCV method for every domain on the order.

  8. Email Language

    If you selected the Verification Email DCV method to validate the domain on your DV certificate order, in the dropdown, select the language in which you want your DCV authentication email sent.

  9. Contacts

    Adding a technical contact to your DV certificate order is optional. However, we recommend adding at least one individual to contact if problems arise with the certificate order process.

    1. In the Order details section, under Contacts, in the Technical Contact box, select the Add contact link.

    2. In the Add contact window, provide the contact's information: first and last name, job title, phone, and email).

    3. Then select Submit.

  10. Notes and Certificate Renewal Message

    Adding notes and a certificate renewal message to your corticate order is optional.

    1. Expand Notes / Renewal Message.

    2. Comments to Administrator

      Add a note to the order that only an Administrator can see (for example, why the certificate is needed).

    3. Order Specific Renewal Message

      Create an order-specific renewal message.

    Note

    Comments and renewal messages are not included in the certificate.

  11. Additional emails

    Enter the email addresses (comma separated) for the people you want to receive the certificate notification emails, such as certificate issuance, certificate reissues, and certificate renewals.

  12. Select Payment Method

    Under Payment Information, select a payment method to pay for the certificate:

    1. Pay with Contract Terms

      Have a contract and want to use it to pay for the certificate?

      If you do, you may use it.

      Note

      When you have a contract, it is the default payment method.

    2. Pay with Credit Card

      Don't have a contract or don't want to use the contract to pay for this certificate?

      Use a credit card to pay for the certificate.

    3. Pay with Account Balance

      Don't have a contract or don't want to use the contract to pay for this certificate?

      Bill the cost to your account balance.

      To deposit funds, select the Deposit link.

      Important

      The Deposit link takes you to another page inside your CertCentral account. Any information entered in the request form is lost.

  13. Master Service Agreement

    Read through the agreement and check I agree to the Master Services Agreement.

  14. When ready, select Submit certificate request.

What's next

Demonstrate control over the domains on your order

Before we issue your certificate, you must complete the domain validation on the order. See Domain Control Validation (DCV) methods.