Browse our Knowledge Base by category.
If you have made a mistake while submitting your Digital Certificate request, then you may Cancel your Order before the certificate is actually issued to you. Follow the below mentioned process to cancel your Digital Certificate:
Login to your Control Panel. 1 Search for the Digital Certificate and proceed to the Order Details view. 2 Click the Cancel Order link. If you are sure that you wish to abort your Ordering process, you may click the Confirm Cancellation button. In the popup window, you need to type YES (in capital letters) and click OK to complete this process.
The Digital Certificate Status interface allows you to both check the Status of Digital Certificate as well as retrieve the same upon issue. A Digital Certificate may be issued to you:
After you have Enrolled for a Certificate OR After you have requested your Digital Certificate to be Reissued OR After you have requested Renewal of your Digital Certificate.
To check the status of your request and retrieve your issued Digital Certificate
Login to your Control Panel. 1 Search for the Digital Certificate and proceed to the Order Details view. 2 Click the Check Certificate Status link. Here you would see the status of your Digital Certificate, under the following heads: Digital Certificate Status This would list the Certificate Status alongwith status of the verification process of your Company Registration (Pending/Verified), Domain Ownership (Pending/Verified), Tel No. (Pending/Verified) and Verification Status (Pending/Issued/Revoked). Once the Certificate has been issued, this section would display the following: Serial No.: This is a hexadecimal serial number issued by thawte to uniquely identify your Digital Certificate. Certificate: When a Digital Certificate is issued to you, it would be available in this text box. Your Digital Certificate would be encapsulated within these tags -----BEGIN CERTIFICATE----- [Encoded Data] -----END CERTIFICATE----- You need to copy the entire contents of this text box (including the above tags) and install it on your Web Server Software. Digital Certificate Details Here you would find important information related to your Certificate order and the Digital Certificate after it is issued. Is Renewable: You can renew your Digital Certificate within 90 days prior to its Expiry. However, it will only be issued 32 days before your current Certificate expires. The status of this field will become Yes only 90 days prior to its Expiry and otherwise display No. 3 Is Reissueable: The status of this field would remain as No until a Digital Certificate is issued. Post that this field would list Yes until the Digital Certificate expires or the Certificate gets Revoked. 4
A Digital Certificate allows you to establish your credentials when doing business or other transactions on the Web. You can present a Digital Certificate electronically to prove your identity or your right to access information or services online.
Digital Certificates, bind an identity to a pair of electronic keys that can be used to encrypt and sign digital information. A Digital Certificate makes it possible to verify someone's claim that they have the right to use a given key, helping to prevent people from using phony keys to impersonate other users. Used in conjunction with encryption, Digital Certificates provide a more complete security solution, assuring the identity of all parties involved in a transaction.
A Digital Certificate is issued by a Certification Authority (CA) and signed with the CA's private key. A Digital Certificate typically contains the following:
Owner's public key Owner's name Expiration date of the public key Name of the issuer (the CA that issued the Digital Certificate) Serial number of the Digital Certificate Digital signature of the issuer
Uses of a Digital Certificate
If you are running a virtual mall, electronic banking website or any other electronic services website then customers may abandon your website due to concerns about privacy and security. A server with its own Digital Certificate assures users that the server is run by the organisation it claims to be affiliated with and that the content provided is legitimate.
Digital Certificates can be used for a variety of electronic transactions including e-mail, electronic commerce, groupware and electronic funds transfers.
For example: A customer shopping at an electronic mall requests the Digital Certificate of the server to authenticate the identity of the mall operator and the content provided by the merchant. Without authenticating the server, the shopper would not trust the operator or merchant with sensitive information like a credit card number. The Digital Certificate is instrumental in establishing a secure channel for communicating any sensitive information back to the mall operator.
To Delete a Digital Certificate
Login to your Control Panel. 2 Search for the Digital Certificate and proceed to the Order Information view. 3 Click the Delete link. Click the Confirm Deletion button, if you are sure that you wish to delete your Digital Certificate. In the popup, enter YES (in capital letters) and click the OK button. An email requesting approval for revocation will be sent from thawte to the Admin Contact Email Address associated with the Digital Certificate. Once the revocation has been approved, the certificate will be deleted under our system.
Once you have been issued a thawte Digital Certificate, you need to install the same on your website. You may also wish to display the thawte Trusted Site Seal that confirms to your website visitors that your site is secured by thawte and the date until when your Digital Certificate is valid.Retrieving and Displaying the thawte Trusted Site Seal on your website
Visit https://www.thawte.com/ssl/secured-seal/index.html?click=main-nav-products-siteseal. Click the DOWNLOAD YOUR THAWTE TRUSTED SITE SEAL button. Select your Site Seal by specifying the following details: Language for the seal and the seal verification page. Size of the seal display Layout for your seal Common name for your Digital Certificate.
Select the I accept the Conditions of Use for the Thawte Trusted Site Seal. checkbox.
Click the CREATE SCRIPT button.
Click Select all to select the code generated.
Copy the code directly into your webpage code.
Digital IDs make use of a technology called Public Key Cryptography, which uses Public and Private Key files.
The Public Key, also known as a Certificate Signature Request (CSR), is the key that will be sent to thawte. The Public Key is generated on your server and validates the computer-specific information about your web server and Organization when you request a Certificate from thawte.
The Private Key will remain on the server and should never be released into the public. thawte does not have access to your Private Key. It is generated locally on your server and is never transmitted to thawte. The integrity of your Digital ID depends on your Private Key being controlled exclusively by you.
A CSR can not be generated without generating a Private Key file. Similarly the Private Key file can not be generated without generating a CSR file. In certain web server software platforms like Microsoft IIS, both are generated simultaneously through the Wizard on the web server.
Typically, you will be prompted to enter the following information about your Organization in order to generate the Private Key and CSR (Public Key) pair from the web server:
Organization Name Organizational unit: This maybe either a Sole Proprietorship, Trading As, University Department, University Administration, Government Department, Doing Business As, University Faculty, Public (Listed) Company, Private (Unlisted) Company, Registered Non Profit Organization, Non-Government Organization, Interest Group, Registered Charity. Country Code State or Province Locality Common Name: This is the name that distinguishes the Certificate best, and ties it to your Organization. Here you need to enter your exact host and domain name that you wish to secure. This may also be the root server or intranet name for your Organization. Example: If you wish to secure www.yourdomain.com, then you need to enter www.yourdomain.com as the Common Name. If you just enter yourdomain.com as the Common Name (without the host www), then the Certificate will only get issued to yourdomain.com. Similarly, if you need to secure pay.yourdomain.com, then you need to mention the Common Name as pay.yourdomain.com. If you are buying a Wildcard Server Certificate for securing all sub-domains of your domain name yourdomain.com, then you need to enter the Common Name as *.yourdomain.com; otherwise you will get an error while submitting your CSR.
You need to get in touch with your Web Hosting provider and request them to generate a CSR for your business after supplying them the above mentioned information. If you have bought Web Hosting for this domain name with Zinist India, then you may generate a CSR yourself from your own Control Panel.
Follow the instructions mentioned below to get your Digital Certificate issued:
Step 1. Generate a Private Key and Certificate Signature Request (CSR) from your web server
Before you begin the process of obtaining a Certificate, you must generate a minimum of 2048-bit Private Key and CSR pair from your web server. 1
Step 2. Submit your Organization Details, Contact Details and Certificate Details to thawte
Before a Digital Certificate can be issued to you, we need to send a request to thawte with some information about yourself and your business. Follow the process mentioned below to request your Digital Certificate:
Login to your Control Panel. 2 Search for the Digital Certificate and proceed to the Order Details view. 3 Click the Enroll Certificate link. Mention the following details and click the Enroll button: A. Organization Details Provide complete details of your organization such as Organization Name, Address, City, Region, Zip, Country and Phone number. B. Contact Details Admin Contact Details: Provide the Admin Contact details while giving special emphasis to the email address that you mention herein. You need to ensure that the email address mentioned herein, matches with the Administrative Contact Email Address as displayed in the Whois of the domain name. Please ensure that this information is not kept hidden for anonymity purposes, since the Digital Certificate would be sent to this email address. Technical Contact Details: You need to ensure that the email address mentioned herein, matches with the Technical Contact Email Address as displayed in the Whois of the domain name. Please ensure that this information is not kept hidden for anonymity purposes, since the Digital Certificate would be sent to this email address. If the Admin Contact Email address matches that of the Technical Contact's, as per the Whois of the domain name, then you may simply select the available check box, to set the same details as the Admin Contact's.
C. Approver Email
You need to select one of the following as the Approver Email Address:
Admin Contact Email Address: as mentioned in the Contact Details section above Technical Contact Email Address: as mentioned in the Contact Details section above A pre-determined email address on the domain name for which you are requesting the Certificate - You need to either select admin, administrator, hostmaster, webmaster or postmaster from the drop down list You need to activate this email address before selecting the same here. A pre-determined email address with the domain name is recommended as the Approver Email Address. firstname.lastname@example.org: This option needs to be selected only in extreme conditions when none of the other email addresses can be used. If you select this option thawte would contact you and determine an alternate Approver Email Address. By selecting this option, your Certificate issuance could be delayed by several business days.
thawte will send an email requesting review and approval, for the Certificate requested to the Approver Email Address specified.
D. Certificate Details
Software Type: Select the Web Server software on which your website/domain name is hosted. The options available are IIS and Other. Certificate Signature Request: This is the CSR (Public Key) you have generated for the purpose of obtaining a Digital Certificate from thawte.
Step 3. Complete the thawte Authentication formalities
After you have enrolled for a Digital Certificate, thawte would contact you at the Approver Email Address specified and may request you to provide them with some documentation such as:
Proof of Organizational Name Proof of Right to Use Domain Name Proof of Organizational Telephone Number
Once you have completed all these formalities, thawte will issue the Certificate and email you a confirmation.
Step 4. Check the Status of your Digital Certificate and retrieve your Digital Certificate
Once you have completed the enrollment process, thawte would begin verifying the data you have submitted to them and once satisfied, issue you your Digital Certificate. You can continue checking the status of your Digital Certificate request from your Control Panel and retrieve the same from your Control Panel itself. 4
Once you have been issued your Digital Certificate, you need to install it on your web server. 1
In order to manage your Digital Certificate Orders, you need to search for them from within your Control Panel with Zinist India, and access their Order Information view.
To List/Search and Manage Digital Certificate Orders
Login to your Control Panel: For Resellers: 1 For Customers: 2 For Resellers: Products -> List All Orders. For Customers: Manage Orders -> List/Search Orders. Search for the Digital Certificate Orders by selecting Digital Certificate under the For Product drop-down menu.
You would generally need to reissue your Digital Certificate in the following events:
You lose your Private Key, OR You lose your Private Key Passphrase, OR Your Private Key file gets compromised due to the server being hacked, OR You wish to make changes to the domain name for which you have issued a Digital Certificate. This could be because of the following reasons: Host name was left out when the Key/CSR pair was generated on the server, Example: The Private Key/CSR pair was generated on the server for yourdomain.com but the domain name being secured is www.yourdomain.com. Incorrect host name filled in when the Key/CSR pair was generated on the server, Example: The Private Key/CSR pair was generated on the server for secure.yourdomain.com but the domain name being secured is shoppingcart.yourdomain.com. Host name changes, provided that the Top Level Domain (TLD) remains the same, Example: The Certificate was requested for secure.yourdomain.com but the secure area is now being moved to shopping.yourdomain.com. OR You wish to change the Web Server Software Platform where your Digital Certificate has been installed: This could be because of the following reasons: Incorrect server software was selected during the enrollment process Moving to a different ISP or Hosting Company OR Your Organizational Unit changes.
thawte Digital Certificates have a lifespan of 1 or 2 years, depending upon the validity period you chose at the time of purchase. You can renew your Digital Certificate within 90 days prior to its Expiry and upto 90 days post Expiry. However, thawte will issue the Digital Certificate only 32 days before your current Certificate expires. This allows you to request your Renewal Certificate timorously and prevents any warnings for your website users which would have been displayed if your existing Certificate would have expired.
The Server Gated Cryptography (SGC) digital certificate is our premium SSL certificate, providing the highest possible protection in all circumstances. The SGC SuperCert offers 256-bit encryption in all browsers (released after Microsoft Internet Explorer 4.x or Netscape 4.06). In older-browsers it ensures a minimum of 128-bit encryption to 99.9% of all users, even if the user's browser supports only 40-bit or 56-bit encryption.
Web Server Certificate
The thawte SSL Web Server Certificate offers comprehensive authentication procedures (domain name and identity verification). It also offers 256, 128, 56 or 40-bit encryption depending on your client's browser capability and the cipher suite installed on your web server. This ensures that information is kept private while in transit between your web server and your client's web browsers.
Web Server Certificate Features and Benefits
SSL123 is thawte's entry level certificate which provides validation that your domain is registered and that you have authorized the purchase of the certificate. Through SSL encryption, the certificate assures that information is kept private between your web server and your client's web browsers.
Wildcard Server Certificate
The thawte Web Server Wildcard Certificate allows you to conveniently secure multiple sub-domain names on one domain name on the same server using *.yourdomainname.com pattern for the common name. You need not spend time, money and effort on obtaining certificates for different sub-domain names on a domain name.
The Wildcard Server Certificate offers comprehensive authentication procedures (domain name and identity verification). It also offers 256, 128, 56 or 40-bit encryption depending on your client's browser capability and the cipher suite installed on your web server. This ensures that information is kept private between your web server and your client's web browsers.
Digital Certificates that would suit your business
Depending upon the type of application/interface you wish to secure, you may choose one of the four digital certificates sold by Zinist India:
A Digital Certificate by itself can be used to secure a domain name, on a single server only. Each additional server that you plan to host your domain name on, would also need to be similarly secured; and that's where an Additional License is needed. It licenses usage of the same digital certificate across multiple servers.
The advantage of buying Additional Licenses as compared to multiple digital certificates is that, it removes the delay in issuance caused due to generation of a Certificate Signing Request (CSR), completing the Enrollment process and then undergoing the authentication process conducted by thawte. Moreover, Additional Licenses work out to be a much cheaper solution than buying individual digital certificates.