Skip to main content

Order a GeoTrust DV SSL certificate

Notice

Annual plans

As of February 24, 2026, DigiCert TLS/SSL certificate plans are one year by default. Learn more about DigiCert annual plans for TLS/SSL certificates.

Before you begin

  • Certificate signing request (CSR).

    Before you request a certificate, you must create a CSR. Certificates must use at least a 2048-bit key size. To learn more about generating a CSR, see Create a CSR (certificate signing request).

  • Domain Control Validation (DCV)

    After submitting your request, you must validate (demonstrate control over) all the domains you're securing before DigiCert can issue your certificate. See Domain Control Validation (DCV) methods.

Order your GeoTrust DV SSL certificate

  1. Select the DV Certificate you want to order

    In your CertCentral account, in the left main menu, hover over Request a Certificate, and then under DV Certificates, select GeoTrust DV SSL.

  2. Add Your CSR

    We take the common name included in your CSR and add it to the Common name box.

    On the Request GeoTrust DV SSL Certificate page, in the Certificate Details section, upload your CSR to or enter it in the Add Your CSR box.

    Note

    When copying the text from the CSR file, make sure to include the -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- tags.

  3. Common name / SANs

    When adding the CSR to the order form, we add the common name and SANs in your CSR to the Common name / SANs box.

    Add and remove fully qualified domain names (FQDNs) and wildcard domains as needed so the certificate secures the domains you want.

  4. How long do you need to protect your site?

    1. Select Select a coverage length.

    2. In the How long do you need to protect your site window, select the coverage for your certificate order.

      With DigiCert annual plans (1-year orders), you get a 199-day certificate by default.

    3. Select Save.

  5. Certificate Validity

    To modify the validity period for the first TLS certificate in your order, under Certificate Validity, select the pencil icon. You can select 199 dayCustom expiration date, or Custom length.

    • For a certificate with a shorter validity than the order, you need to reissue your certificate to use the remaining validity on the order.

    • Certificate validity determines the length of the first certificate issued for the plan. If needed, you can change the validity period when you reissue your certificate.

    Notice

    Industry standards dictate that the maximum validity period for all public TLS/SSL certificates is 199 days (approximately six months).

  6. Auto-reissue

    To set up automatic reissue for this certificate order, check Auto-reissue. With auto-reissue enabled, a reissue certificate request is automatically submitted when this certificate nears its expiration date.

    Important

    DV certificates don't support domain prevalidation, so we can't reuse the order's domain validation. After submitting your GeoTrust DV SSL certificate request, you must validate the domains on the reissue request before we can issue your new certificate.

  7. Prove control over your domain

    Before DigiCert can issue your DV certificate, you must demonstrate control over the domain in your certificate order. To learn more about the available DCV methods, see Domain Control Validation (DCV) methods.

    In the Domain control validation (DVC) method menu, select the DCV method you want to use to demonstrate control over the domain on the certificate.

    • DNS TXT Record (recommended)

      With this DCV method, you demonstrate control over the domain by creating a DNS TXT record containing a DigiCert randomly generated value.

    • Verification Email

      With this DCV method, an email recipient demonstrates control over the domain by following the instructions in a confirmation email sent for the domain.

    • HTTP Practical Demonstration

      With this DCV method, demonstrate control over your domain by hosting a fileauth.txt file containing a DigiCert randomly generated value at a predetermined location on your website.

      Important

      If you add a wildcard domain to your request, you don’t see this option. Industry policy no longer allows the HTTP practical demonstration method for wildcard domains and limits the effective use of the method for subdomains. For more on this policy change, see Domain validation policy changes in 2021.

    • DNS CNAME Record

      The DNS CNAME DCV method allows you to demonstrate control over your domain by creating a DNS CNAME record containing a DigiCert randomly generated value.

    Important

    After submitting your certificate order, you can change the DCV method from the certificate's Order # details page. In the left main menu, go to Certificates > Orders. On the Orders page, select the DV certificate order's number link.

    Although you can switch DCV methods, you must use the same DCV method for every domain on the order.

  8. Email Language

    If you selected the Verification Email DCV method, in the menu, select the language in which you want your DCV authentication email sent.

  9. Contacts

    Adding a technical contact to your DV certificate order is optional. However, we recommend adding at least one individual to contact if problems arise with the certificate order process.

    1. In the Order details section, under Contacts, in the Technical Contact box, select the Add contactt link.

    2. In the Add contact window, provide the contact's information: first and last name, job title, phone, and email).

    3. Then select Submit.

  10. Notes and Certificate Renewal Message

    Adding notes and a certificate renewal message to your certificate order is optional.

    1. Expand Notes / Renewal Message.

    2. Comments to Administrator

      Add a note to the order that an Administrator can see (for example, why the certificate is needed).

    3. Order Specific Renewal Message

      Create an order-specific renewal message.

    Note

    Comments and renewal messages aren’t included in the certificate.

  11. Additional emails

    Enter the email addresses (comma separated) for the people you want to receive the certificate notification emails, such as certificate issuance, reissues, and renewals.

  12. Select Payment Method

    Under Payment Information, select a payment method to pay for the certificate:

    1. Pay with Contract Terms

      Have a contract and want to use it to pay for the certificate?

      If you do, you may use it.

      Note

      When you have a contract, it is the default payment method.

    2. Pay with Credit Card

      Don't have a contract or don't want to use the contract to pay for this certificate?

      Use a credit card to pay for the certificate.

    3. Pay with Account Balance

      Don't have a contract or don't want to use the contract to pay for this certificate?

      Bill the cost to your account balance.

      To deposit funds, select the Deposit link.

      Important

      The Deposit link takes you to another page inside your CertCentral account. Any information entered in the request form is lost.

  13. Master Service Agreement

    Read through the agreement and check I agree to the Master Services Agreement.

  14. When ready, select Submit certificate request.

What's next

Demonstrate control over the domains on your order

Before we issue your certificate, you must validate (demonstrate control over) all the domains on the order. See Domain Control Validation (DCV) methods.

In this section: