Request new certificates

This guide is intended to introduce you to the process of requesting new SSL certificates to secure your domains.

Before proceeding, please ensure you have satisfied the following prerequisites:

  • You have created a Sectigo Authentication Service (SAS) profile

  • You have created, or have been invited to, an account in Sectigo Certificate Manager (SCM)

  • Your account has an active trial or subscription

  • You are, or are in immediate contact with, a network or domain administrator capable of completing domain control validation (DCV)

Step one: Add your domains

In SCM, you can request unlimited certificates for any domains added to your account.

To add domains to your account, do the following:

  1. Navigate to Manage  Domains.

  2. Click Add New.

  3. Enter your fully qualified domain name (FQDN) or wildcard domain.

    Each new FQDN or wildcard domain added to your account results in additional charges.

  4. (Optional) Enter a description that provides any contextual information required.

  5. Click Add Now or Purchase Now.

Step two: Add certificates

There are two primary methods for requesting certificates:

  • Manual — You manually provide a certificate signing request (CSR) and the request is processed by Sectigo. Once the certificate has been issued, it is available in SCM Pro to be downloaded and installed on your web server. These certificates can be manually renewed through SCM Pro.

  • Automated — Using a supported ACME client paired with an ACME account in SCM Pro, you can automatically enroll for certificates for specified domains. Once issued by Sectigo, the certificate is automatically installed on your web server and can be automatically renewed when approaching expiration.

Add a manual certificate

To add a manual certificate, do the following:

  1. Navigate to the Certificates page, and click Add New.

  2. Select Manual Certificate, and click Continue.

  3. Enter your certificate details based on the information provided in the following table.

    Field Description

    Certificate Profile

    The certificate profile determining the type of certificate and applicable restrictions (such as allowed terms and key types).

    Term Length

    The certificate’s validity period.

    Comments

    Additional information or context related to the certificate.

    Notifications

    The email addresses for all stakeholders who should receive email notifications about the certificate.

  4. Click Next.

  5. Upload or paste your CSR, and click Next.

  6. Review and update the domains included in the certificate based on the information provided in the following table.

    Field Description

    Common Name

    The primary domain name for which the certificate is to be issued.

    Subject Alternative Names (SANs)

    Secondary domain names for which the certificate is valid.
    Each new fully qualified domain name (FQDN) or wildcard domain added to your account results in additional charges.

  7. If prompted, add the domains to your account.

    1. Click Add Domains.

    2. In the Add New Domain dialog, review the new domain details, and click Purchase Now/Add Now.

  8. Select your preferred validation method, and click Next.

  9. Click Next.

  10. Review your certificate details, and accept the terms of service.

  11. Click Submit.

  12. Complete domain validation for each domain.

    1. On the DCV page, click Details beside a domain.

    2. Follow the on screen instructions.

    3. Repeat this process for each domain.

To perform DCV at a later time, navigate to Certificates, click Manage beside the certificate, and select the DCV tab.

The new certificate is now displayed on the Certificates page for management.

Add an automated certificate

To add an ACME automated certificate, do the following:

The following instructions assume that you are authorized to install and manage the ACME client on your customer’s web server. If you are not authorized, you must collaborate with your customer to complete the installation of the ACME client and its connection to an ACME account in SCM Pro.

  1. Navigate to the Certificates page, and click Add New.

  2. Select Automated Certificate, and click Continue.

  3. Select your web server and ACME client.

  4. Click Continue.

  5. Select an ACME server.

  6. Configure your ACME client and account.

    Option Steps

    Existing server
    This requires an existing ACME account in SCM Pro that is connected to your ACME client.

    1. Select Existing Server.

    2. In a terminal, navigate to your ACME client install location, and run the provided command to confirm installation.

    3. In SCM Pro, click Next.

    4. Select your ACME account.

    5. Click Next.

    New server

    1. Select New Server.

    2. Configure your ACME client.

      1. If you have not already done so, install your ACME client using the client’s official documentation.

      2. In a terminal, navigate to your client install location, and run the provided command to confirm installation.

    3. In SCM Pro, click Next.

    4. Enter a name for your new ACME account.

    5. Click Next.

  7. Enter the domains to be included in your certificate.

    Each new fully qualified domain name (FQDN) or wildcard domain added to your account results in additional charges.

  8. Once you have entered all domains, click Add Domains.

  9. In the Add New Domain dialog, review your purchase details, and click Purchase Now/Add Now.

  10. Click Next.

  11. In a terminal, navigate to your client install location, and run the provided command to complete configuration.

  12. In SCM Pro, click Validate.

The new certificate is now displayed on the Certificates page for management.