To order EV certificates from DigitalTrust CA, the requesting organization and domains must be validated and approved according to the relevant policies and procedures. The following documents and information should be provided for DigitalTrust to start the validation process:
After receiving all the relevant documents along with the application form, DigitalTrust shall initiate the vetting process for complete verification of details provided by the applicant to ensure maximum security for users. The process includes the following steps:
Once the above verifications are complete, DigitalTrust shall commence issuance and delivery of the EV certificate. Please note that this process is compliant with the guidelines specified by CA/B Forum.
To order OV certificates from DigitalTrust CA, the requesting organisation and domains must be validated and approved according to the relevant policies and procedures. The following documents and information should be provided for DigitalTrust to start the validation process:
After receiving all the relevant documents along with the application form, DigitalTrust shall initiate the vetting process for complete verification of details provided by the applicant to ensure maximum security for users. The process includes the following steps:
Once the above verifications are complete, DigitalTrust shall commence issuance and delivery of the OV certificate. Please note that this process is compliant with the guidelines specified by CA/B Forum.
To order Individual Certificates from DigitalTrust CA, the details (such as name, email, organisation name and domain) in the request must be validated and approved according to the relevant policies and procedures.
Wildcard certificates can be issued for OV certificates. According to
the guidelines from CAB forum, the use of wildcard certificates are not
allowed for EV certificates.
As of September 1st 2020, DigitalTrust offers publicly-trusted TLS certificates with 1-year validity only.
RSA key is a cryptosystem utilized in secure data transmission with
large keys to provide strong encryption. RSA keys have been utilized by
many organizations and have a strong and well established backing.
ECC (Elliptic Curve Cryptography) Key is a cryptosystem that is utilized
in secure data transmission with small keys that provide equal strength
to RSA. The benefit of the smaller keys is that they have lower CPU
consumption and low memory usage so it caters to smaller devices which
are becoming more readily available with the IoT.
Before creating a certificate request it is a good idea to verify that your apache website is working as expected.
Try accessing your site locally using http in a web browser.
It is also a good idea to make sure that you can access your website remotely. If there are any problems they will be easier to diagnose to fix before configuring certificates.
IMPORTANT: The private key needs to be stored securely at all times after creation. Make sure the private key does not leave the server and has appropriate access rights.
Two files will be created: private key and CSR file. User the CSR file to issue a certificate from CA authority.
A CSR should look like this:
The following steps are for Microsoft Exchange 2010
The following steps are for Internet Information Services Versions 5 & 6
The following steps are for Internet Information Services Versions 7 & 8
The following steps are for JBOSS
Note: for the following commands the fields inside the [ ] must be changed, excluding the [ ], to match your situation. Example: -keystore [Common Name].jks can be -keystore www.digitaltrust.ae.jks
The following steps are for NGINX utilizing Open SSL
The following steps are for Tomcat
This will be split into two processes, the first will be the creation of a New Keystore while the second will be generating a CSR from that keystore.
Creating a New Keystore
Before requesting a new certificate it is important to create a new keystore, even if you have a keystore for a previous certificate.
Generating a CSR from the Keystore
The following steps are for your Intermediate Certificate supplied by the CA
The following steps are for your SSL certificate supplied by the CA
Note: You need to be able to sudo as root / have root access to your server to be able to preform the commands below. Our guide will utilize the sudo command so if you are able to login as root, disregard the sudo portion of the commands below
Extract your certificate files and then copy them to your server using the [Terminal]The following steps are for your SSL certificate supplied by the CA
The following steps are for your SSL certificate supplied by the CA
4.Select the [Directory Security] tab
5.Launch the [Web Server Certificate Wizard] by clicking on [Server Certificate] under the [Secure Communications] menu.
6.You have now successfully installed your secure server certificate.
The following steps are for your SSL certificate supplied by the CA
8.Choose the [Bindings] option from the [Actions] menu on the right hand side
9.Click [Add] in the [Site Bindings] window
10.On the [Add Site Bindings] window choose the follow options:
11.Restart Internet Information Services(IIS) to complete your certificate installation
The following steps are for your SSL certificate supplied by the CA
The following steps are for your SSL certificate supplied by the CA
Import the SSL Certificate into the keystore
Configure Web Container
The following steps are for your SSL certificate supplied by the CA
After you have your downloaded Certificate Bundle, which comes as a [.pem] file continue through the following steps
Type and execute the following command utilizing your keystore file name and alias name from your keystore and Certificate Signing Request