Custom Domain Step 2: SSL


Now that you have your Certificate Signing Request (CSR), you are ready to purchase your Wildcard SSL Certificate. Make sure it is from a reliable SSL provider like RapidSSL. In order to complete this process, you will need to ensure that you have the following:

  • The CSR that you generated, opened in a plain text editor
  • An admin@ email account for your custom domain (e.g. admin@example.com), or the ability to create new email accounts through your domain registrar.
  • A valid credit/debt card

Note

We highly recommend that you purchase your certificate through RapidSSL. Although other options do exist, we cannot guarantee that you won't experience issues in the future with your certificate. Some users have had problems on certain mobile browsers, for instance, after purchasing their cert through a different provider. Further, our support team is better able to assist you with a RapidSSL certificate, than with other options.

It also is important to be aware that you will have the option to choose between an SHA-1 certificate and an SHA-2 certificate.

You MUST make sure that you choose to purchase a WILDCARD certificate with SHA-2. We do NOT support SHA-1 certificates.

- Google announced that they will be gradually sunsetting certificates with SHA-1. Please find below some more reading material on SHA-1 vs SHA-2 SSL certificates:


To purchase your certificate:

1. Start by visiting the RapidSSL Wildcard Certificate page, and clicking 'buy/renew'

2. A window will appear, with a step by step wizard to assist you in the checkout process. The first screen will ask you to confirm your subscription option for the new certificate, and add additional details where necessary.

3. Next you will be asked to enter some basic contact and billing information - fill out all required fields and click 'continue'

4. On the subsequent screen, RapidSSL will ask you to provide the CSR that you generated previously. You are expected to copy/paste the entire contents of the CSR into the field labeled 'Certificate Signing Request'. Go back to the plain text editor where you have your CSR opened, highlight all of its contents and copy/paste them into the appropriate field.

5. RapidSSL will now ask you to verify the contents of your CSR - review this output and click 'continue' if everything looks correct.

6. As a security measure, RapidSSL provides a list of email addresses to which they can send your certificate. If you do not have any accounts set up that correspond to those provided, please return to your domain registrar and create a new account that matches one of the options in this list. Once you have done this, select the correct email address and click 'continue'

7. Finally, you will be asked for your credit card details. Enter those details here, and click 'continue'

Once you have completed the checkout process on RapidSSL, they will need a little bit of time to complete your order.

You will receive an order confirmation email soon after submitting your purchase, and generally within 24 hours you will also receive an email that contains your certificate.

Please also use the Chain Certificate to provide better support for older browsers and Android mobile:

- Rapid SSL Certificate Chain:
https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=SO26459

- Comodo SSL Certificate Chain (only if you're purchasing a Comodo SSL Certificate).
https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/620/1/

Contact us to confirm your eligibility - (you can still use other SSL certificates verified for your domain if you prefer)


Once you have this email, please move on to Step 3: Generating your DNS Name