Order a RapidSSL Standard DV certificate

Industry standards change: End of 2-year public SSL/TLS certificates

On August 27, 2020, 6:00 PM MDT (August 28 00:00 UTC), DigiCert stopped issuing public DV, OV, and EV SSL/TLS certificates with a maximum validity greater than 397 days. For more information about this change, see End of 2-year DV, OV, and EV public SSL/TLS certificates.

To maximize your SSL/TLS coverage, purchase your new certificates with a DigiCert® Multi-year Plan. For more information about these plans, see Multi-year Plans.

Before you begin

  • Certificate signing request (CSR).
    Before you request your certificate, you need to create a CSR. Certificates must use at least a 2048-bit key size. To learn more about generating a CRS, see Create a CSR (Certificate Signing Request).
  • Domain Control Validation (DCV)
    After submitting your request, you must complete the domain validation for the domain you are securing before DigiCert can issue your certificate. See Domain Control Validation (DCV) Methods.

Order your RapidSSL Standard DV certificate

  1. Select the DV Certificate you want to order

    In your CertCentral account, in the left main menu, hover over Request a Certificate, and then under DV Certificates, select RapidSSL Standard DV.

  2. Add Your CSR
    We take the common name included in your CSR and add it to the Common name box.

    On the Request RapidSSL Standard DV Certificate page, in the Certificate Details section, upload your CSR to or paste it in the Add Your CSR box.

    When copying the text from the CSR file, make sure to include the -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- tags.

  3. Common Name
    When you add the CSR to the order form, we take the common name included in the CSR and add it to the Common name box.

    To add or change the common name, manually enter the domain you want this DV certificate to secure.

  4. Include both your-domain and www.your-domain in the certificate

    • To secure both your-domain and www.your-domain in your certificate for free, check Include both your-domain and www.your-domain in the certificate.
    • To only secure the version of the domain entered in the Common name box, uncheck Include both your-domain and www.your-domain in the certificate.

  1. How long do you need to protect your site?

    1. Select Select a coverage length.
    2. In the How long do you need to protect your site window, select your coverage.
      1. With a 1-year plan, you get a 1-year certificate by default.
      2. With 2, 3, 4, 5, or 6-year plans, your first certificate has a 397-day validity by default.
      3. With Custom order validity, you can set the order length or the date you want the order to expire.
      4. For more information about these plans, see Multi-year Plans.
    3. Select Save.
    4. To modify your SSL/TLS certificate coverage, under Plan details, select the edit icon (pencil).

  1. Certificate Validity

    To modify the validity period for the first DV certificate in your order, under Certificate Validity, select the edit icon (pencil). You can select 1 yearCustom expiration date, or Custom length.

    • For a certificate with a shorter validity than the order, you need to reissue your certificate to use the remaining validity on the order.
    • Certificate validity determines the length of the first certificate issued for the plan. If needed, you can change the validity period when you reissue your certificate.

Industry standards dictate that the maximum validity period for all public SSL/TLS certificates is 397 days (approximately 13 months).

  1. Auto-reissue

    To set up automatic reissue for this certificate order, check Auto-reissue. With auto-reissue enabled, a reissue certificate request will be automatically submitted when this certificate nears its expiration date.

DV certificates don't support domain prevalidation, so we can't reuse the order's domain validation. After we submit your RapidSSL Standard DV certificate request, you must demonstrate control over the domains on the reissue request before we can issue your new certificate.

  1. Prove control over your domain

    Before DigiCert can issue your DV certificate, you must demonstrate control over the domain in your certificate order. To learn more about the available DCV Methods, see Domain Control Validation (DCV) methods.

    In the Domain control validation (DVC) method dropdown, select the DCV method you want to use to demonstrate control over the domain on the certificate order.

    • DNS TXT Record (recommended)
      The DNS TXT DCV method allows you to demonstrate control over the domain on your order by creating a DNS TXT record containing a DigiCert randomly generated value.
    • Verification Email
      The Email DCV method allows an email recipient to demonstrate control over the domain by following the instructions in a confirmation email sent for the domain.
    • HTTP Practical Demonstration
      The HTTP Practical Demonstration DCV method allows you to demonstrate control over your domain by hosting a fileauth.txt file containing a DigiCert randomly generated value at a predetermined location on your website.
    • DNS CNAME Record
      The DNS CNAME DCV method allows you to demonstrate control over your domain by creating a DNS CNAME record containing a DigiCert randomly generated value.

After submitting your certificate order, you can change the DCV method from the certificate's Order # details page. In the left main menu, go to Certificates > Orders. On the Orders page, in the Order # column, select the DV certificate order's number link.

  1. Email Language

    If you selected the Verification Email DCV method to validate the domain on your DV certificate order, in the dropdown, select the language in which you want your DCV authentication email sent.

  1. Contacts

    Adding a technical contact to your DV certificate order is optional. However, we recommend adding at least one individual to contact if problems arise with the certificate order process.

    1. In the Order details section, under Contacts, in the Technical Contact box, select the Add contact link.
    2. In the Add contact window, provide the contact's information: first and last name, job title, phone, and email).
    3. Then select Submit.

  1. Notes and Certificate Renewal Message

    Adding notes and a certificate renewal message to your corticate order is optional.

    1. Expand Notes / Renewal Message.
    2. Comments to Administrator
      Add a note to the order that only an Administrator can see (for example, why the certificate is needed).
    3. Order Specific Renewal Message
      Create an order-specific renewal message.

Comments and renewal messages are not included in the certificate.

  1. Select Payment Method
    Under Payment Information, select a payment method to pay for the certificate:

    1. Pay with Contract Terms
      Have a contract and want to use it to pay for the certificate? If you do, you may use it.
      Note: When you have a contract, it is the default payment method.
    2. Pay with Credit Card
      Don’t have a contract or don’t want to use the contract to pay for this certificate?
      Use a credit card to pay for the certificate.
    3. Pay with Account Balance
      Don’t have a contract or don’t want to use the contract to pay for this certificate?
      Bill the cost to your account balance.
      To deposit funds, click the Deposit link.

The Deposit link takes you to another page inside your CertCentral account. Any information entered in the request form will not be saved.

  1. Master Service Agreement

    Read through the agreement and check I agree to the Master Services Agreement.

  1. When ready, select Submit certificate request.

What's next

Demonstrate control over the domain on your order

Before we issue your certificate, you must complete the domain validation on the order. See Domain Control Validation (DCV) methods.

About

DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.

©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.