Order a RapidSSL Wildcard DV Certificate

Industry standards change: End of 2-year public SSL/TLS certificates

On August 27, 2020, 6:00 PM MDT (August 28 00:00 UTC), DigiCert stopped issuing public DV, OV, and EV SSL/TLS certificates with a maximum validity greater than 397 days. For more information about this change, see End of 2-year DV, OV, and EV public SSL/TLS certificates.

To maximize your SSL/TLS coverage, purchase your new certificates with a DigiCert® Multi-year Plan. For more information about these plans, see Multi-year Plans.

Before you begin

  • Certificate signing request (CSR)
    Before you request your certificate, you need to create a CSR. Certificates must use at least a 2048-bit key size. To learn more about generating a CRS, see Create a CSR (Certificate Signing Request).
  • Domain Control Validation (DCV)
    After submitting your request, you must complete the domain validation for the domain you are securing before DigiCert can issue your certificate. See Domain Control Validation (DCV) methods.

Order your RapidSSL Wildcard certificate

  1. Select the DV Certificate you want to order

    In your CertCentral account, in the left main menu, hover over Request a Certificate, and then under DV Certificates, select RapidSSL Wildcard DV.

  2. Add Your CSR

    We take the common name included in your CSR and add it to the Common name box.

    On the Request RapidSSL Standard DV Certificate page, in the Certificate Details section, upload your CSR to or paste it in the Add Your CSR box.

    When copying the text from the CSR file, make sure to include the -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- tags.

  3. Common Name

    When you add the CSR to the order form, we take the common name included in the CSR and add it to the Common name box.

    To add or change the common name, manually enter the domain you want this DV certificate to secure.

Make sure to format the common name correctly (*.example.com).

  1. Include both *.your-domain and your-domain in the certificate

    • To secure both *.your-domain and your-domain in your certificate for free, check Include both your-domain and *.your-domain in the certificate.
    • To only secure the version of the domain entered in the Common name box, uncheck Include both your-domain and *.your-domain in the certificate.
  1. How long do you need to protect your site?

    1. Select Select a coverage length.
    2. In the How long do you need to protect your site window, select your coverage.
      1. With a 1-year plan, you get a 1-year certificate by default.
      2. With 2, 3, 4, 5, or 6-year plans, your first certificate has a 397-day validity by default.
      3. With Custom order validity, you can set the order length or the date you want the order to expire.
      4. For more information about these plans, see Multi-year Plans.
    3. Select Save.
    4. To modify your SSL/TLS certificate coverage, under Plan details, select the edit icon (pencil).
  1. Certificate validity

    To modify the validity period for the first TLS certificate in your order, under Certificate Validity, select the edit icon (pencil). You can select 1 yearCustom expiration date, or Custom length.

    • For a certificate with a shorter validity than the order, you need to reissue your certificate to use the remaining validity on the order.
    • Certificate validity determines the length of the first certificate issued for the plan. If needed, you can change the validity period when you reissue your certificate.

Industry standards dictate that the maximum validity period for all public SSL/TLS certificates is 397 days (approximately 13 months).

  1. Auto-reissue

    To set up automatic reissue for this certificate order, check Auto-reissue.

    With auto-reissue enabled, a reissue certificate request will be automatically submitted when this certificate nears its expiration date.

DV certificates don't support domain prevalidation, so we can't reuse the order's domain validation. After we submit your RapidSSL Wildcard DV certificate request, you must demonstrate control over the domains on the reissue request before we can issue your new certificate.

  1. Prove control over your domain

    Before DigiCert can issue your DV certificate, you must demonstrate control over the domain in your certificate order. To learn more about the available DCV Methods, see Domain Control Validation (DCV) methods.

    In the Domain control validation (DVC) method dropdown, select the DCV method you want to use to demonstrate control over the domain on the certificate order.

    • DNS TXT record (recommended)
      The DNS TXT DCV method allows you to demonstrate control over the domain on your order by creating a DNS TXT record containing a DigiCert randomly generated value.
    • Email
      The Email DCV method allows an email recipient to demonstrate control over the domain by following the instructions in a confirmation email sent for the domain.
    • HTTP Practical Demonstration
      The HTTP Practical Demonstration DCV method allows you to demonstrate control over your domain by hosting a fileauth.txt file containing a DigiCert randomly generated value at a predetermined location on your website.
    • DNS CNAME record
      The DNS CNAME DCV method allows you to demonstrate control over your domain by creating a DNS CNAME record containing a DigiCert randomly generated value.

After submitting your certificate order, you can change the DCV method from the certificate's Order # details page. In the left main menu, go to Certificates > Orders. On the Orders page, in the Order # column, select the DV certificate order's number link.

  1. Email Language

    If you selected the Verification Email DCV method to validate the domain on your DV certificate order, in the dropdown, select the language in which you want your DCV authentication email sent.

  1. Contacts

    Adding a technical contact to your DV certificate order is optional. However, we recommend adding at least one individual to contact if problems arise with the certificate order process.

    1. In the Order details section, under Contacts, in the Technical Contact box, select the Add contact link.
    2. In the Add contact window, provide the contact's information: first and last name, job title, phone, and email).
    3. Then select Submit.
  2. Notes and Certificate Renewal Message

    Adding notes and a certificate renewal message is optional.

    1. Expand Notes / Renewal Message.
    2. Comments to Administrator
      Add a note to the order that only an Administrator can see (for example, why the certificate is needed).
    3. Order Specific Renewal Message
      Create an order-specific renewal message.

Comments and renewal messages are not included in the certificate.

  1. Select Payment Method
    Under Payment Information, select a payment method to pay for the certificate:

    1. Pay with Contract Terms
      Have a contract and want to use it to pay for the certificate?
      If yes, you may use it.
      Note: When you have a contract, it is the default payment method.
    2. Pay with Credit Card
      Don’t have a contract or don’t want to use the contract to pay for this certificate?
      Use a credit card to pay for the certificate.
    3. Pay with Account Balance
      Don’t have a contract or don’t want to use the contract to pay for this certificate?
      Bill the cost to your account balance.
      To deposit funds, click the Deposit link.

The Deposit link takes you to another page inside your CertCentral account. Any information entered in the request form will not be saved.

  1. Master Service Agreement

    Read through the agreement and check I agree to the Master Services Agreement.

  2. When ready, select Submit certificate request.

What's next

Demonstrate control over the domain on your order

Before we issue your certificate, you must complete the domain validation on the order. See Domain Control Validation (DCV) methods.