Follow the instructions mentioned below to get your Digital Certificate issued:

Step 1. Generate a Private Key and Certificate Signature Request (CSR) from your web server

Before you can begin the process of obtaining a Certificate, you must generate a minimum of 1024-bit Private Key and CSR pair, off your web server.

A CSR is basically a Public Key that you generate on your server that validates the computer-specific information about your web server and Organization when you request a Certificate from thawte.

Digital ID's make use of a technology called Public Key Cryptography, which uses Public and Private Key files.

The Public Key, also known as a Certificate Signature Request (CSR), is the key that will be sent to thawte. The CSR that you generate must be signed by atleast a 1024-bit Private Key (thawte will not accept a lower encryption level CSR than 1024-bit).

The Private Key will remain on the server and should never be released into the public. thawte does not have access to your Private Key. It is generated locally on your server and is never transmitted to thawte. The integrity of your Digital ID depends on your private key being controlled exclusively by you.

A CSR cannot be generated without generating a Private Key file nor can the Private Key file be generated without generating a CSR file. In certain web server software platforms like Microsoft IIS, both are generated simultaneously through the Wizard on the web server.

Typically, you will be prompted to enter the following information about your Organization in order to generate the Private Key and CSR (Public Key) pair off the web server:

• Organization Name
• Organizational unit - This maybe either a Sole Proprietorship, Trading As, University Department, University Administration, Government Department, Doing Business As, University Faculty, Public (Listed) Company, Private (Unlisted) Company, Registered Non Profit Organization, Non-Government Organization, Interest Group, Registered Charity.
• Country Code
• State or Province
• Locality
• Common Name - This is the name that distinguishes the Certificate best, and ties it to your Organization. Here you need to enter your exact host and domain name that you wish to secure. This may also be the root server or intranet name for your Organization.
  
  For example,
  
  a. if you wish to secure www.yourdomain.com, then you need to enter www.yourdomain.com as the Common Name. If you just enter yourdomain.com as the Common Name (without the host www), then the Certificate will only get issued to yourdomain.com. Similarly, if you need to secure pay.yourdomain.com, then you need to mention the Common Name as pay.yourdomain.com.
  
  b. if you are buying a Wildcard Server Certificate for securing all sub-domains of your domain name yourdomain.com, then you need to enter the Common Name as *.yourdomain.com; otherwise you will get an error while submitting your CSR.
   

You need to get in touch with your Web Hosting provider and request them to generate a CSR for your business after supplying them the abovementioned information.

Reference:

Private Key and Certificate Signature Request (CSR) generation instructions for different types of web servers >>

Step 2. Validate your Certificate Signature Request (CSR) at thawte

Prior to enrolling for a Digital Certificate, it is recommended that you confirm that nothing is amiss with the CSR that you have generated.

Click here to validate your CSR at thawte >>

Upon submission of a valid CSR, you would be able to view its details in the Certificate Contents area (at the bottom of this page). However, if your CSR is invalid, the Certificate Contents area would appear blank and you would be displayed an error (on the top of this page).

Step 3. Submit your Organization Details, Contact Details and Certificate Details to thawte

Before a Digital Certificate can be issued to you, we need to send a request to thawte with some information about yourself and your business. Follow the process mentioned below to request your Digital Certificate:

1. Login to your Control Panel, search for the domain name for which you have ordered a Digital Certificate and proceed to the Order Details view. Click here to find instructions to do so >>

2. Click on the Enroll Certificate button in the lower toolbar.

3. Mention the following details and click on the Enroll button -

A. Organization Details

• Organization Details - Provide complete details of your organization such as Organization Name, Address, City, Region, Zip, Country and Phone number.

B. Contact Details

• Admin Contact Details - Provide the Admin Contact details while giving special emphasis to the email address that you mention herein. You need to ensure that the email address mentioned herein, matches with the Administrative Contact Email Address as displayed in the whois of the domain name. Please ensure that this information is not kept hidden for anonymity purposes, since the Digital Certificate would be sent to this email address.
   
• Technical Contact Details - You need to ensure that the email address mentioned herein, matches with the Technical Contact Email Address as displayed in the whois of the domain name. Please ensure that this information is not kept hidden for anonymity purposes, since the Digital Certificate would be sent to this email address.
  
  If the Admin Contact Email address matches that of the Technical Contact's, as per the whois of the domain name, then you may simply select the available check box, to set the same details as the Admin Contact's.

C. Approver Email

You need to select one of the following as the Approver Email Address:

• Admin Contact Email Address - as mentioned in the Contact Details section above
   
• Technical Contact Email Address - as mentioned in the Contact Details section above
   
• A pre-determined email address on the domain name for which you are requesting the Certificate - You need to either select admin, administrator, hostmaster, info, SSLadmin, SSLadministrator, SSLwebmaster, sysadmin or webmaster from the drop down list.
   
  IMPORTANT

  In case you are requesting a Digital Certificate for a sub-domain, select an email address on the appropriate domain/sub-domain from the drop-down menu. For example, if you are requesting a Digital Certificate for abc.yourdomainname.com, you may select a pre-determined email address on yourdomainname.com or abc.yourdomainname.com, depending on whether you have email accounts setup on the primary domain name or the sub-domain.

  
  You need to activate this email address before selecting the same here. A pre-determined email address with the domain name is recommended as the Approver Email Address.
   
• support@geotrust.com - This option needs to be selected only in extreme conditions when none of the other email addresses can be used. If you select this option thawte would contact you and determine an alternate Approver Email Address. By selecting this option, your Certificate issuance could be delayed by several business days.

thawte will send an email requesting review and approval, for the Certificate requested to the Approval Email address specified.

D. Certificate Details

• Software Type - Select the Web Server software on which your website/domain name is hosted. The options available are IIS and Other.
   
  IMPORTANT
   

  • If your website/domain name is hosted on Windows server, you need to choose the software type as IIS.
     
  • If your website/domain name is hosted on Linux server, you need to choose the software type as Other.
     
  
  
• Certificate Signature Request - This is the CSR (Public Key) you have generated for the purpose of obtaining a Digital Certificate from thawte.

Step 4. Complete the thawte Authentication formalities

After you have enrolled for a Digital Certificate, thawte would contact you at the Approval Email address specified and may request you to provide them with some documentation such as:

• Proof of Organizational Name
• Proof of Right to Use Domain Name
• Proof of Organizational Telephone Number

Click here to know the documentation needed by thawte before issuing you your Digital Certificate >>

Once you have completed all these formalities, thawte will issue the Certificate and email you a confirmation.

Step 5. Check the Status of your Digital Certificate and retrieve your Digital Certificate

Once you have completed the enrollment process, thawte would begin verifying the data you have submitted to them and once satisfied, issue you your Digital Certificate. You can continue checking the status of your Digital Certificate request from your Control Panel and retrieve the same from your Control Panel itself. Click here to check the status of your Digital Certificate and retrieve the same upon issue >>