Solution – Website Security

Without an SSL/TLS certificate, your web server is susceptible to attack by hackers and is untrusted by web browsers. When a browser flags your site as untrusted, the users of your website will lose confidence in it.

A hacker may eavesdrop on the communication of your users with your website and harvest sensitive information shared with your users such as passwords, confidential user information and credit card information. Furthermore, the hacker may directly attack your users too through the injection of malware in the communication from your web server to the user.

The first step to secure your website is to install a digital certificate to provide end-to-end security between users and your website.

How it works

When a user initiates a secure session to your web server, the web server presents its digital certificate to the user’s browser to verify the identity of the website (authentication). Thereafter, an SSL/TLS handshake occurs between the browser and the web server whereby a shared session key is securely established for the session. This session key is used to encrypt all of the communication between the browser and the server for the duration of the session (confidentiality). Furthermore, data integrity is maintained throughout the session through the use of secure hash functions.


  • Support for most SSL/TLS capable web server and web proxy software including Microsoft IIS, Apache, NGINX, Tomcat, Blue Coat and others
  • Allow clients to establish as secure connection to the server with the following assurances:
    – The server’s identity is provides to the client (authentication)
    – Optionally, the client can also identify itself to the server through the use of a digital certificate (mutual authentication) – this requires each client to be issued with a digital certificate
    – All communication in the session between the client and server is encrypted to protect against eavesdropping (confidentiality)
    – All communication in the session between the client and server is electronically signed (through the use of secure hash functions) to prevent against tampering (integrity)
  • Suitable for the transmission of sensitive transaction data (such as logins and/or credit card details) between the client and the server
  • Conveys a high degree of trust to the users of your website
  • Improves the ranking of your website in search engines
  • Meets the de-facto standard for security required by modern web browsers


Step 1 Choose your SSL/TLS product option
Step 2 Login/register into your account
Step 3 Complete your order and make payment online
Step 4 * Generate your keys and certificate signing request (CSR) on your server and upload your CSR
Step 5 Prove that you own the domain (through either web or email validation)
Step 6 For organization validated (OV) certificates, additionally upload your supporting documents (certified or notarized copies)
Step 7 * Your certificate will be issued; download and install it on your server

* This step varies per server; refer to online support resources for assistance


  • Support for multiple validation options:
    – Domain-validated (DV) certificate; and
    – Organization-validated (OV) certificate
  • All DV and OV certificates available in Standard (single domain), SAN (multiple domain) and wildcard (unlimited subdomain) options
  • Online self-service portal for order processing and full certificate life-cycle management (issuing, reissues, rekeys, revocation and renewals)
  • Free UCC support for Microsoft sub-domains in certificates
  • Free and unlimited certificate re-issues
  • Free and unlimited rekeys
  • Certificates valid for up to 2 years before renewal is required

Technical Specification

  • RSA public-key support for key length 2048-bit and above
  • Support for SHA-2 hash algorithm (256 bit)
  • Digital certificate is fully compliant to X.509v3 specification
  • Fully compatible with SSL v3.0, TLS v1.0, TLS v1.1, TLS v1.2 and TLS v1.3
  • SSL Root Certificate embedded in Microsoft Root Certificate Store
  • Embedding of SSL Root Certificate in Mozilla Root Store Program current in progress
  • Support for both OCSP and CRL revocation checking mechanisms
  • Further Google Chrome support:
    – Certificate Transparency (CT) log integration
    – OneCRL integration for certificate revocation status checking

Difference between DV SSL and OV SSL Certificate

Domain SSL Certificate Organization SSL
Validation level Domain Organization
Assurance level Fast domain validation Strong organization validation
Boosts search engine ranking ico ico
Proves domain ownership/control ico ico
Validates organization’s identity ico
Validates organization contact ico
Certificate contents Domain Name Domain Name
Organization Name, City and Country
Timeframe for issuance Within 1 hour Within 1 day **
Required documents *** None Company registration
Proof of address
Proof of identity (contact)
Letter of authorization

* Organization contact name, title and authority are validated

** Provided that all the required documents are submitted and the certificate signing request (CSR) has been generated and uploaded

*** All documents are required to be certified or notarized before uploading; failure to do so will cause a delay in processing and issuance of the certificate

Difference between Basic, Premium and Wildcard Certificate

Standard Certificate Premium Certificate Wildcard Certificate
Domains protected 1 domain Multiple
Domains *
UCC support ** ico ico ico
Consolidate multiple domains into a single certificate ico
Protect a domain and all its subdomains ico
Suitable for load balancing ico

* Available in additional 5, 10 or 15 SAN (domain) options

** www, owa, mail and autodiscover sub-domains included for free