SSL Certificates FAQ'S

Once your SSL certificate has been signed and issued, RJL will send you an e-mail message that allows you to download the signed certificate and our root certificate bundle (gd_bundle.crt), both of which must be installed on your Web site.
Note: You must use the provided certificate-download link within three days of receiving the certificate-issuance e-mail message. If the download link is allowed to expire, you must request a certificate re-key in order to retrieve your signed SSL certificate.

Standard SSL Certificates

If all required documentation is provided and we successfully authenticate the submitted information, an SSL Certificate can be issued within minutes of CSR submission.

Premium SSL Certificates

If all required documentation has been successfully authenticated and the final phone call has been completed (during business hours of the requestor), a Deluxe SSL Certificate generally can be issued within 2-5 hours of CSR submission.

No. Because an SSL certificate only works properly with the domain for which it is issued, pointing a domain to an IP used by another SSL-secured site normally will cause a certificate security error.

To renew an expiring SSL certificate, you must purchase a certificate-renewal credit from us, then log in to your SSL account and follow the provided instructions for requesting a certificate renewal. We prompt you to renew expiring SSL certificates via email. Renewal notices are sent 30 and 15 days prior to the certificate's expiration date.
To renew an expiring SSL certificate
Select SSL Certificates from the My Account menu.
Click on the Certificate name
Highlight the length of time you want to purchase and click Continue.
After completing your purchase, you will need to return to the SSL Certificates area and continue with the application process.
On your Manage SSL Certificates page, click on the certificate name you just purchased the renewal for. In the box titled SSL Certificate Details you will see a status of "Renewal Pending" and a link above that for the certificate name. Click that link.
Once in the SSL account, you will see your renewal credit under "Use Certificate Credits". Click the circle in front of the renewal credit and start your application.
Select SSL Certificates from the My Account menu.
Click on the Manage Certificate link to the right of the domain name.
Once the renewed certificate has been signed and issued, we will email it to you, along with our intermediate certificate.
NOTE: A certificate can be renewed up to 90 days prior to and 30 days following the expiration date. If the certificate is allowed to expire, the visitor's browser displays a warning upon entering the Web site area that was previously protected with your SSL certificate.
Depending on your choice of Web server software, you may or may not need to generate a new Certificate Signing Request (CSR) for the renewed certificate. If you are using Linux-based server software, you may use your existing CSR for the certificate renewal (you can also generate and submit a new one, if you prefer). If you are running Microsoft IIS 4.x, 5.x, or 6.x on your Web server, it is strongly recommended that you generate and submit a new CSR before attempting to renew your SSL certificate.
NOTE: If any of the information in your CSR (including company name or address information) has changed, you must generate and submit a new CSR before your certificate can be renewed).
If more than 13 months have elapsed since the last time we authenticated you or your company as part of the certificate-issuance process, you must submit your personal/company information again so we can authenticate the information again before a renewed certificate can be issued. If you or your company were successfully authenticated less than 13 months ago, we do not need to re-verify your information to renew your certificate.

Before the Certification Authority (CA) issues a Premium SSL certificate, the applicant's company or personal information undergoes a rigorous authentication process. Validation is an integral element in the CA's SSL certificate services. This validation process ensures the highest level of trust.

The Premium SSL certificate contains the name of an organization that can be confirmed as registered with a government authority or the name of the individual requesting the certificate, if the organization name cannot be authenticated (using a third-party data source).

In the case of a small business, the CA includes the entity's "doing business as" (DBA) name in the certificate information.

Before issuing an Premium SSL certificate, the CA will verify that:

• The entity requesting the certificate controls the domain for which the certificate is being requested.
• The certificate is being issued to an organization that is currently registered with a government authority (if applicable).
• The individual requesting the certificate is associated with the entity named in the certificate (if applicable).

If the CA is unable to authenticate the requesting entity, the requestor in some cases may be able to fix the problem by providing additional documentation to enable authentication. The CA will notify you if additional documentation is needed.

If — while processing a Premium Web SSL certificate request — the CA is unable to authenticate the existence/identity of the requesting entity, the requestor will have the option of aborting the validation process and instead have the CA issue a SSL certificate, which relies on validation of domain control only. If the requestor declines this option, the certificate request will be denied.

A certificate holder may request that his/her certificate is revoked or deleted.
A revoked certificate is canceled permanently and will no longer be able to be re-keyed, renewed or reissued.
If you are moving your SSL certificate to a new server, if your server has crashed or if you have lost your private key, you will want to re-key your SSL certificate not revoke it. Two free re-key credits are available to you within the first 30 days of purchase. If you need an additional re-key credit after that time, please contact customer service for an additional free re-key credit.
A revoked certificate is instantly rendered invalid. Consider revoking your certificate if any of the following situations occur:

• The SSL certificate contains incorrect information.
• The SSL certificate is no longer needed.
• You can not access your SSL account to manage your SSL certificate.
• The wrong type of SSL was purchased .

NOTE: If you need to re-key a certificate and do not see that option it is because it has been longer than 30 days since the certificate was issued. Contact customer service for a free re-key token that can be used instead of a revocation.
Partial refunds for revoked SSL certificates are available within the first 30 days of purchase. If this is done more than 30 days from issuance, you will not be eligible to receive a refund. Once a certificate has been issued, any refund is less an administration fee for the resources and support required for the issuance process. The fee is $10 for standard SSL certificate, and $15 for premium SSL certificate. If you have questions about our refund policies on revoked SSL certificates, please contact our billing department for assistance.

A Premium Extended Validation (EV) SSL certificate is a digital certificate issued in conformance with the extended validation guidelines defined by the CA/Browser Forum.
The introduction of Premium Extended Validation (EV) SSL certificates will tighten the security of Internet transactions as certificate requestors will be subject to a thorough, standardized vetting process which all issuing Certification Authorities (CAs) must adhere to.
The Premium Extended Validation (EV) SSL certificate standard provides an improved level of authentication of entities that request digital certificates for securing transactions on their Web sites. The Premium Extended Validation (EV) SSL Certificate standard provides an improved level of authentication of entities that request digital certificates for securing transactions on their Web sites. The latest generation of Internet browsers will display Premium Extended Validation (EV) SSL-secured Web sites in a way that allows visitors to instantly recognize that the organization that operates the site has been authenticated in accordance with the CA/Browser Forum's uniform vetting standard.
Premium Extended Validation (EV) SSL certificates are particularly useful for companies whose Internet domains are considered at a high risk of being targeted by phishing schemes and other types of Internet fraud. High-risk domains include domains owned by high-profile online financial services, banking sites, auction sites, popular retailers and other sites that conduct Internet transactions likely to be targeted by Internet fraud.

In essence: The combination of a rigorous, standardized vetting process and new browser versions displaying EV SSL-secured Web sites differently enables Web site visitors to instantly recognize that a Web site can be trusted. As Internet users become familiar with the new browser versions, they will immediately recognize the difference between Web sites that are secured with traditional SSL certificates and those that are covered by the more stringent EV SSL standard.