Ask a Question

Alert ID : INFO202

Last Modified : 05/18/2018

Symantec SSL Certificate Enrollment

Description

Step by Step Overview

During the enrollment process, you will need the following information:

  1. The length of time you require the certificate to be valid (up to 3 years for some certificates)
  2. The number of servers hosting a single domain
  3. The server platform
  4. The organization, organizational unit, country, state or locality
  5. Payment information and a billing contact
  6. The common name. the host + domain name such as “www.symantec.com” or “symantec.com”. Subject Alternative Name (SAN) is available as well (can secure up to 25 total domain names in a single server).
  7. An email and telephone number where Symantec can reach you to validate the information
  8. A CSR generated from the server you need to secure

To start the enrollment for an SSL certificate, go to Symantec SSL certificatess.

Once Symantec has validated the information provided, you will receive an email with installation instructions and a text file containing your approved SSL certificate.

Authentication and Verification

Upon completion of the enrollment process, Symantec will authenticate your certificate application to verify that your organization exists and is registered with the proper government authorities. Symantec will confirm that:

  • The Organization has a valid registration
  • The Organization owns/has rights to use the domain name listed in the common name field of the Certificate Signing Request (CSR)
  • The Corporate Contact is employed by or associated with the organization listed in the distinguished name
  • The Corporate Contact is aware of the certificate request
  • The Technical Contact listed is authorized to obtain the SSL certificate
The steps taken to verify the above information differs by certificate type. For example, Extended Validation SSL certificates require Symantec to confirm that the Corporate Contact is authorized by the organization to approve and request EV SSL certificates, that the Technical Contact has the authority to obtain the SSL certificate, and confirm the physical address of the organization.

Name Information

The organization name submitted with the CSR must match the business registration certificate for the organization. In the case of EV SSL certificates, the country, state and locality must match the location where the organization is registered. For example, Symantec is a corporation registered in Delaware, therefore, the CSR for EV SSL certificates must list Delaware not California where the servers may be located.

Correct Formatting

Do not use any shift characters in any of the enrollment fields. If your company has an & or @ symbol in its name, you must spell out the symbol or omit it in the enrollment field. An error 105 in CSR generation is usually caused by a character such as @, #, $, or % in one of the enrollment fields.

The locality is the city or town. State or province names must be spelled out without abbreviations, “California,” for example. Countries must be specified by the two-letter country code without punctuation: US for the United States, CA for Canada, etc.

Common Name

The Common Name is the Host + Domain Name. It looks like "www.symantec.com" or "symantec.com".

Symantec SSL certificates can only be used on Web servers hosting the Common Name specified during enrollment. For example, an SSL certificate for the domain "symantec.com" will receive a warning if accessing a site named "www.symantec.com" or "secure.symantec.com", because "www.symantec.com" and "secure.symantec.com" are different from "symantec.com".