Simply put, an SSL (Secure Socket Layer) certificate is a digital certtificate that encrypts data between a web server and a browser to make sure that the information passed between the two is private.

There are many different types of certs and it is important to know the right one for you. The main ones are: Extended Validation certificates (EV SSL) This is is the most secure type of certificate you can get and therefore the most expensive. It is the the heavily validated type of cert and it is usually used on sites that collect a lot of customer data and takes payment online. When installed the issued cert will display HTTPS, padlock, business name and country. To get this cert you will have to demonstrate ownership of the domain name, identity verification as well as proof that you are authorized by the company to order the cert. Organization Validated certificates (OV SSL) This is a one level down from EV certs. however it also goes through a very strict validation process. The issued cert will display the site owner's information assuring users of its authenciticy. Unlike the EV, you do not need to go through the identity verification. However, all other steps apply. It is usualy uses on sites that have their users enter private informtion. Domain Validated certificates (DV SSL) This is the simplest type of certificate to get and also has the least verification process. Not surprisingly it is also usually the least expensive. To get this cert you will only have to demomnstrate control of the domain name. Although the browser will still display the HTTPS and padlock, it will no show any business information as this is not validated against a company. This type of cert is usualy used for blog and informational site that do not require users to enter any personal information. Wildcard SSL certificates Wildcard certs are used to secure a domain and unlimited sub-domains. You can get this type of cert in an OV and DV verient only and are easily identified by the asterix (*) and period (.) before the common name. An example of a wildcard can be: *.mydomain.com. This will secure any subdomain left of the first DOT. for example. www.mydomain.com secure.mydomain.com get.mydomain.com

Simply put, a Subject Alternative Name (SAN) is a feature on most certs that allow the user to add more host names to a single certificate. Depending on the cert and its restrictions you may be able to add Fully Qualified Domain Names (FQDN) or just add sub-domains of the common name.

The simplest way to tell if a site has an SSL is to look the the address bar of the browser for the following: The URL begins with HTTPS and not HTTP A padlock is displayed before the URL. You can also click on it to see the details of the cert.

To order your required cert, simply login, go to the Order SSL page and select the type of cert you want. From here you will be able to fill in the required form and submit your request. Be sure to select the specific cert from the dropdown list on the form. Your request will be processed and once issued an invoice will be send to you via email.

Certificate Signing Request (CSR) is an encrypted block of text that is generated on your server. You can think of it as one half of a whole key that is used to request a certificate. During the CSR creation process two halfs of an encrypted key is created, the Private Key, which stays with the user and should never be shared under any circumstace. The second is the Public Key, which is what the CSR is. The Cert is generated with the Public Key which will only match the associated Private Key (PK). Without the right matching Keys the certs cannot be installed and you may need to reissue. Follow this link to learn how to create/generate a CSR.

A private key is generated on the server you generated the CSR on. On Windows servers the private key is contained in the 'Pending Request'. The private key is indeed private and therefore should never be shared. You must use the exact same private key with your certificate when you install the certificate files. If you lose you private Key you will need to create a new CSR therefore generating a new privake key and have the cert reissued with the new CSR.

Once issued your cert will be emailed to you. Please check your SPAM filter to make sure emails haven't been blocked. You can request for a cert to be reissued as many times as you requiure.