Domain-Vetted Authorization for RapidSSL, GeoTrust & Comodo SSL Certificates

This guide will walk you through the authorization process for RapidSSL, GeoTrust and Comodo SSL certificates, and outline the three verification methods from which a registrant can choose.

We'll address the following questions:

What are the three different methods?

How and when do I choose my preferred method?

What if there is a delay in processing my order?

How do I parse the CSR?

What are the relevant xml commands and parameters?


 

What are the three different methods?

Domain-Vetted RapidSSL, GeoTrust and Comodo SSL certificates can be validated using one of the following three methods:


Email

Selecting this method prompts the vendor to send an email to the registrant, requesting that they confirm the details of the certificate. Once this information has been confirmed, the vendor will send the registrant the certificate for installation onto the registrant's web server.


DNS

Upon submitting the order in the OpenSRS Control Panel, a DNS string and timestamp are immediately provided. 

A subdomain is created with the random string pointing to the timestamp. These two elements should be used to add a TXT record to the zone records of the domain.

Example TXT record: 

seQ456Ou5yjGbkYIGTO4MBhb91qnb5rE.brianc.com points to s20160723202445.brianc.com


Here's how:

1. Retrieve the TXT value

In the OpenSRS Control Panel, head to the product order

OR 

Use the get_order_info API command to view this information. See example 9 in our API XML guide.

2. Copy the new TXT value and enter it in the zone information.  

3. Click on " Request validation from vendor.”  

Please note the following: 

The DNS TXT provided is valid for 24 hours

If 24 elapses before this string is added to the registrant's DNS records, a new one must be obtained by querying the trust order details. 

After adding the TXT to the zone records, please wait 24 hours for completion of the validation process.

The timestamp on the TXT will change every time the page is refreshed, but the previous codes are valid for 24 hours.   


FILE

Upon summiting the order in the OpenSRS Control Panel, a text file is immediately provided, and should be uploaded to the following location within website’s main directory:

<domain>/.well-known/pki-validation/fileauth.txt

The vendor will check the website for this file and, after confirming it has been uploaded, validate the certificate. 

Note: It's imperative that the file is uploaded to the correct location. 

 

How and when do I choose my preferred method? 

The preferred method is selected at the time of purchase from the product order page in the OpenSRS Control Panel. 

 


What if there is a delay in processing my order?

The vendor will typically check for newly placed orders every hour. If, after 24 hours, a confirmation of validation has not been received: 

Click the link provided under Domain Validation Authentication Check to send a manual request for validation. A confirmation of the validated certificate should appear under domain notes no later than one hour after this request is made.

If you continue to have issues, please contact us at help@opensrs.com

 

How do I parse the CSR?

Parsing the CSR allows you to see the information it contains and correct any errors that may delay the verification process. This can be done from the Trust section of the reseller control panel. 

For more information, check out the full guide.

If you are having trouble generating your CSR or installing a certificate, the system admin of your webserver can best help you.

Our SSL partners have provided some useful resources on CSR generation and SSL installation:

How to generate a CSR 

GeoTrust | Comodo | Trustwave | Symantec | Thawte

How to install an SSL certificate

GeoTrust |Trustwave

How to convert a certificate into the appropriate format 

GeoTrust | Comodo



What are the relevant xml commands and parameters?

Below, are some quick links to our API XML guide for commands relevant to  domain-vetted authorization for RapidSSL, GeoTrust & Comodo SSL Certificate registration.

get_order_info

sw_register

update_dv_auth_check

update_order

process_pending

Was this article helpful? 0 out of 0 found this helpful
Have more questions? Submit a request