Home  |  Product Listing  |  Contact Us  |  Online Chat  |  Create Account  Order Now   My Account
Secure128 - Your Security Solutions Specialist



 
Home:  Support > Frequently Asked Questions

Frequently Asked Questions

Topics

GeoTrust FAQ

Geotrust Answers

Q: Who is Secure128 and why choose us to buy GeoTrust SSL certificates?
A: Secure128 is a Certified Authorized GeoTrust Platinum Partner and one of the fastest growing SSL partners today. We are a Business member of the Georgia Chamber of Commerce and soon we will become a BBB Online Reliability Participant/Better Business Bureau member under our parent company RSoft Consulting, Inc. We are a Verified Authorized.Net Merchant.

Q:What is a GeoTrust Server Certificate?
A: A GeoTrust certificate is a way to ensure safe transmission of sensitive information (such as personal data or credit card numbers) between client and server by providing identity authentication and data encryption. GeoTrust SSL Web server Certificates are compatible with Microsoft Internet Explorer® 5.01 and higher, AOL 5.0 and higher, Netscape Communicator 4.7 and higher, Mozilla Firefox 1.0 and higher, Opera 7 and higher, and Apple Safari 1.0 and higher, comprising an estimated 99% or more of all Web browsers in use on the Internet.

Q: What Web servers are compatible with GeoTrust SSL Certificates?
A: GeoTrust SSL Certificates are compatible with all major Web servers. Click here to see

Q: What is a Certificate Authority (CA)?
A: The Certificate Authority (CA) is the organization that creates and regulates the policy and procedure for authenticating, issuing, renewing, and suspending digital certificates. Working with the Registration Authority (RA), the CA authorizes certificates and ensures the legitimacy of participating parties.

Q: How do I create a certificate signing request?
A: View our certificate-signing request generation instructions (CSR) instructions.

Q: How do I install my GeoTrust SSL Certificate?
A: View the GeoTrust SSL Certificate Installation instructions.

Q: Does Secure128 offer any kind of trial period for any SSL certificates?
A: Secure128 does offer trial on all GeoTrust SSL certificates. If you purchase a new SSL certificate from us and decide it’s not the correct one or it doesn't work as intended, you have a 30 day cancellation window.

Q: Does Secure128 accept Purchase Orders?
A: We accept Purchase Orders with a minimum purchase of $250 USD. Please contact us directly to set up with this option.

Q: Do you support customers outside the USA?
A: We accept customers from most countries outside the USA with a major credit card like Visa, MasterCard or Discover. According to GeoTrust Repository, certificates cannot be issued to the following countries: Angola, Ascension, Cuba, Czechoslovakia, Libya, Iran, Iraq, Afghanistan, North Korea and Syria.

Q: Do you offer any kind of refund once my GeoTrust SSL certificate has been issued?
A: If the certificate does not work as intended and you need to cancel or refund, We will cancel or refund fees following issuance or renewal of a True BusinessID, QuickSSL, QuickSSL Premium, or EV Certificate upon request by the Subscriber within thirty (30) days of issue date.

Q: What is a "single-root" SSL certificate and are GeoTrust SSL certificates chained?
A: All GeoTrust certificates are single root certificates. GeoTrust is a spinoff of Equifax Secure. In 2001, GeoTrust acquired Equifax Secure, which included the Equifax root certificates. Unlike other companies which issue certificates off chained roots or license roots from third parties like GoDaddy, Comodo or Network Solutions, GeoTrust owns the root and is not dependent on another root provider. Chained certificates tend to be seen on the low end of the SSL market and require more installation assistance than a single root cert. Plus not all browsers today support chained SSL certificates so the ubquity is lower.

Back to Top

Q: What is the QuickSSL Premium"Domain Validated issuance" process?
A: The QuickSSL and QuickSSL Premium certificates are vetted by the WHOIS info on the actual domain. Once you place an order by selecting an email address of the WHOIS, GeoTrust will send an approver email acknowledgment for the order. All that person needs to do is simply click on the link and approve the order. The certificate will be emailed by GeoTrust to the technical contact on the order, usually in 10 minutes.

Q: What is the True BusinessID "Organization Vetted" issuance process?
A: You will need to provide proof of organization documents like business license, articles of incorporation, DUNS, or any legal document issued by state, local or federal government. Once you submit the order, please fax your information directly to GeoTrust. If its a GeoTrust renewal order, this is not necessary if all information on the company is current.

Q: Are your SSL certificates the same as if I went directly to the GeoTrust site?
A: Our certificates are 100% the exact same certificates you would buy if you went directly to GeoTrust. The only difference will be the cost you pay. We are tied into the GeoTrust API ordering portal so the minute you place an order with us, it is received by GeoTrust. The ordering experience will be the exact same process too. Plus all order correspondence comes directly from GeoTrust, meaning the approver email with the Quick SSL and Premium certificates comes from GeoTrust. The actual GeoTrust SSL certificate will be emailed to you directly from GeoTrust client services.

Q: How much will my Secure128 renewal cost me for my GeoTrust SSL?
A: Our renewal prices are the same as our new SSL certificate prices. So if the new price of a QuickSSL is $99 today, the renewal price for QuickSSL will be the same.

Q: Does GeoTrust offer any kind of Reissue Policy on any of their SSL certificates?
A: Every GeoTrust SSL certificate issued comes with free lifetime reissues for the life of your SSL certificate for the exact same fully-qualified-domain name. To qualify for reissuance, all existing core certificate details must remain the same (including fully qualified domain name). Generate a new Certificate Signing Request (CSR) on your web server and go here

Q: What if the WHOIS info for my domain is not right?
A: You can always update the WHOIS admin/tech contact information on file for your domain at the registrar where your domain is registered. Regristrars do this at least 1-2 times a day. Simply contact them to have them update this information. Another option is to setup one of the generic email addresses for the domain, such as admin, administrator, root, hostmaster, webmaster, ssladmin, sysadmin and postmaster @yourdomain.com.

Q: Can I renew my GeoTrust SSL certificate with Secure128 even though I bought it from the GeoTrust retail site or through another provider?
A: Yes you can. It doesn't matter where you bought your GeoTrust certificate. All you will need is a new CSR to place the order with us. Since we are tied into the GeoTrust API ordering portal, we will add up to 3 months on any existing GeoTrust certificate. So you can renew early and reap the benefits of getting extra months added on to your certificate.

Q: How will I know when to renew my GeoTrust SSL certificate if I buy it from Secure128?
A: Whether you buy from us or GeoTrust directly, you will be notified by GeoTrust as early as 90 days with regards to renewing your certificate. The renewal notices will go out to the technical and admin contact on the orders.

Q: Do GeoTrust SSL Certificates Support OWA (Outlook Web Access)?
A: Yes, all GeoTrust certificates support OWA.

Q: What SSL certificate turns the address bar GREEN in IE7?
A: The True BusinessID with EV can turn the address bar green. We offer it at a discounted rate. GeoTrust retail is $899 yr.

Q: What does a GeoTrust SSL certificate look like? A: Here is an example of what it would look like: -----BEGIN CERTIFICATE-----
MIIDPjCCAqegAwIBAgIDB31EMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZ
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcwNTI5MTg1NjMyWhcNMTAwNTI5MTg1Nj
WjCByDELMAkGA1UEBhMCVVMxGzAZBgNVBAoTEnNpdGVzLm5ldC1ibHVlLm5ldD
MBEGA1UECxMKR1Q5OTQwMDAxMTExMC8GA1UECxMoU2VlIHd3dy5nZW90cnVzd
b20vcmVzb3VyY2VzL2NwcyAoYykwNzE3MDUGA1UECxMuRG9tYWluIENvbnRyb2wg
VmFsaWRhdGVkIC0gUXVpY2tTU0wgUHJlbWl1bShSKTEbMBkGA1UEAxMSc2l0Z
bmV0LWJsdWUubmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4Jj
UbF2SilUNowB9wIvFO4Aw7Wux03HJae//CMBhKPDcpcy1L6D45C8ZJPgss95/5Ge
lv7sFHNpHzlZWcW/B0P+MWMsy+oYIPBSasMpv4o/1mVg8ub3GZGJOcL/dT6BDCvX
eUABmSVP20rvTpJqqLNMxNdK50b2lX4riQIDAQABo4GuMIGrMA4GA1UdDwEB/wQE
AwIE8DAdBgNVHQ4EFgQUkLVhe5JldIXulp/NcmJQ7QK5mwQwOgYDVR0fBDMwM
oC2gK4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9zZWN1cmVjYS5jcmww
HwYDVR0jBBgwFoAUSOZo+SvSspXXR9gjIBBPM5iQn9QwHQYDVR0lBBYwFAYIKw
BQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBBQUAA4GBAJxjLb7KYs2S39F
kaiduTbZyZdKkbXEqB55QhIa06EKBj8+RJEEUEtjSYqZONoAXj7XdNs0BVzi4seI
0QsszKuPIe17Kmh4cN/ -----END CERTIFICATE-----

Q: What do I buy if I have multiple domain names? Will one SSL certificate work for all of them?
A:
Per licensing agreements, one SSL certificate will work for one fully-qualified domain name (FQDN) only. A CSR will generate only one qualified domain name. We recommend that if you needing to secure multiple domain names, we suggest the Power Server ID for up to 4 domains and the True Business ID Wildcard if you have multiple subdomains on 1 server.

Q: What is the QuickSSLPremium with SAN and do you sell it?
A: Yes, we sell the product. QuickSSLPremium with SANs is a global digital certificate that enables up to 256-bit encryption for up to 4 server names with 1 certificate.

Q: Can I purchase multiple licenses of a single SSL certificate and are these token based certificates?
A: All GeoTrust certificates are unlimited servers/licenses, there is no need to worry about it.

Back to Top

Q: What is a X.509 SSL certificate and does GeoTrust offer that?
A: X.509 is a standard for public key infrastructure. All GeoTrust certificates are X.509 compliant. View more information regarding X.509.

Q: How does a digital certificate work and what is the encryption strength of GeoTrust certificates?
A: After authenticating identity, the CA issues digital certificates, which also contain a matched pair of electronic keys, the public key and the private key.When the customer contacts a website, the public key is sent to the customer, and attaches itself and encrypts data that is transmitted back to the website (such as personal information). Upon receipt, the private key recognizes the public key, and then decrypts the information. A similar exchange of public and private keys occurs to confirm the identity of the parties, thus ensuring that only the intended recipient has access to the information, so privacy and security is maintained. All GeoTrust SSL certificates support up to 256-bit encryption. This of course is all dependent on your browser supporting 256 bit encryption from your browser to the webserver.

Q: What GeoTrust SSL certificates work with smartphones and other PDA devices?
A: We recommend the Quick SSL Premium, True Business ID and the EV certificate.

Q: Do all GeoTrust SSL certificates come with any site seal?
A: Yes, all GeoTrust certificates come with a site seal you can display.
View more information.

Q: How long does it take to issue a GeoTrust True BusinessID certificate?
A: Typically it takes GeoTrust 1-2 business days to issue this certificate. If its a renewal certificate and nothing has changed with your company information like address/phone number, the certificate will be issued normally in a few hours. You will be notified when the verification process is complete. If your order has been accepted, you will receive your SSL certificate via email by GeoTrust client services.

Q: How long does it take to issue a GeoTrust True Business ID with EV certificate?
A: Typically it can take up to 7-10 days. View more information with regards to the requirements.

Q: What GeoTrust SSL certificate supports subdomains? How many sub domains can I secure with a Wildcard certificate?
A: Geotrust offers a wildcard certificate called True Business ID Wildcard. It is used to secure unlimited sub domains that share a common domain name that reside on 1 physical server.

Q: How do I generate a CSR?
A: If you have access to your server, you can generate the CSR. Otherwise, your hosting company will need to help you. We offer specific instructions on how to generate a CSR depending on the type of server you have. View information. If you have any questions, please contact us.

Q: What does a completed CSR look like? A: Here is an example of what it would look like: -----BEGIN CERTIFICATE-----
MIIDPjCCAqegAwIBAgIDB31EMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTA
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZS
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcwNTI5MTg1NjMyWhcNMTAwNTI5MTg
WjCByDELMAkGA1UEBhMCVVMxGzAZBgNVBAoTEnNpdGVzLm5ldC1ibHVlLm5
MBEGA1UECxMKR1Q5OTQwMDAxMTExMC8GA1UECxMoU2VlIHd3dy5nZW90cn
b20vcmVzb3VyY2VzL2NwcyAoYykwNzE3MDUGA1UECxMuRG9tYWluIENvbnRyb
VmFsaWRhdGVkIC0gUXV
-----END CERTIFICATE-----

Q: What symbols can’t I use in my CSR?
A:
The following characters may cause problems: < > ~ ! @ # $ % ^ / \ ( ) ?&. This includes commas. - Generally it would be best to use alphabetic and numeric characters for all your input fields, including the passwords. Characters like "/", "#", and sometimes even the period "." and comma "," may cause problems.

Q: What do I use for the Common Name (CN) when ordering a GeoTrust True Business ID Wildcard certificate?
A: Wildcard certificates can save you time and money in acquiring and managing multiple server certificates. Wildcard certificates can secure multiple fully qualified domains if they share the same base domain name and reside on the same physical server and share the same second level domain name. For example, if you need to secure the following websites: www.yourdomain.com secure.yourdomain.com product.yourdomain.com info.yourdomain.com download.yourdomain.com anything.yourdomain.com and all of these websites are hosted on the same server box, you can purchase and install one wildcard certificate issued to *.yourdomain.com to secure all these sites.

Q: Does GeoTrust offer any kind of warranty coverage for any of thier SSL certificates?
A: Yes, each product comes with a Netsure warranty

Q: How many years can I purchase a GeoTrust certificate for?
A: It varies by product but you can buy most certificates up to 5 years. By doing so, we offer multi year discounts. Our discounts start at 25% and go up from there.

Q: How can we contact you?
A: You can contact us by email at support@secure128.com or by calling us directly at 877-824-6434, 8am-8pm EST.

Back to Top

Symantec FAQ

Q: What is Secure Sockets Layer (SSL)?
A: The Secure Sockets Layer protects data transferred over http using encryption enabled by a server's SSL Certificate. An SSL Certificate contains a public key and a private key. A public key is used to encrypt information and a private key is used to decipher it. When a browser points to a secured domain, an SSL handshake authenticates the server and the client and establishes an encryption method and a unique session key. They can begin a secure session that protects message privacy and message integrity.

Q: What encryption strength do I need for my Web site?
A: Best security practices are to install a unique certificate on each server and choose a True 128-bit Certificate by purchasing a Server Gated Cryptography (SGC)-enabled SSL Certificate. A unique certificate keeps your private keys protected, and an SGC-enabled certificate ensures that every site visitor, no matter what browser or operating system they use, connects at the highest level of encryption their system is capable of. You need 128-bit or better encryption if you process payments, share confidential data, or collect personally identifiable information such as social security or tax ID number, mailing address, or date of birth. You need 128-bit or better encryption if your customers are concerned about the privacy of the data they send to you.

Q: What is Server Gated Cryptography (SGC)?
A: Prior to January 2000, U.S. government restrictions on U.S. vendors prevented the export of "strong" cryptography. As a result, many people purchased computers with operating systems and/or used export version browsers that supported only 40- or 56-bit SSL encryption. "Server Gated Cryptography" ("SGC") was developed to enable those restricted computers and export version browsers to "step up" to 128-bit SSL encryption. Without an SGC certificate on the Web server, Web browsers and operating systems that do not support 128-bit strong encryption will receive only 40- or 56-bit encryption. Users with the following browser versions and operating systems will temporarily step-up to 128-bit SSL encryption if they visit a Web site with an SGC-enabled SSL Certificate

Q: Is 128-bit SSL encryption really stronger than 40-bit SSL encryption?
A: Absolutely. When an SSL handshake occurs between a client and server, a level of encryption is determined by the browser, the client computer operating system, and in certain situations the SSL Certificate. Low-level encryption, 40- or 56-bits, is acceptable for sites with low-value information. However, a hacker with the time, tools, and motivation can crack the code in a matter of minutes. High-level encryption, at 128-bits, can calculate 288 times as many combinations as 40-bit encryption. That’s over a trillion times a trillion times stronger. That same hacker with the same tools would require a trillion years to break into a session protected by an SGC-enabled certificate.

Q: Do Symantec SSL Certificates work with all browsers?
A: Symantec® SSL Certificates work with virtually every Web browser that ever shipped and all popular Web browsers used since 1996. Symantec SSL Certificates offer the highest browser compatibility achieved by any SSL Certificate.

Q: Why is it important for Symantec to verify my business identity during enrollment?
A: To protect against fraud and phishing sites, Web visitors look for evidence of encryption and third-party authentication of the Web site’s business identity. When you request an SSL Certificate or a Managed PKI for SSL account or pre-approve your organization from within your Symantec Certificate Center Enterprise Account, Symantec verifies the existence of your business, the ownership of your domain name, and your employment status. We may require official government documentation proving your right to do business. We use the verified information to display in the address bar of high security browsers protected by Extended Validation SSL and in our Symantec Secured Seal pop-up window.
Our authentication and verification procedures are based on years of practice authenticating commercial businesses. These procedures are audited annually by KPMG using Statement of Auditing Standard 70 Type II, established by the American Institute of Certified Public Accountants. Symantec is a leading Certificate Authority, securing more than one million Web servers.

Q: What will I need to provide in order for Symantec to verify my business identity?
A: Symantec must verify the existence of your business, the ownership of your domain name, and your employment status or authority to request the SSL Certificate. We may require official government documentation proving your right to do business. These may include:

  • Articles of Incorporation
  • Certificate of Formation
  • Charter Documents
  • Business License
  • Doing Business As
  • Registration of Trade Name
  • Partnership Papers
  • Fictitious Name Statement
  • Vendor/Reseller/Merchant License
  • Merchant certificate

If we cannot automatically authenticate your company's management responsibility for the domain name that is associated with the SSL Certificate, we will require an authorization letter from that domain's owner. This step prevents applicants from fraudulently or accidentally obtaining SSL Certificates for inappropriate domains.

Q: What type of documentation does Symantec require for Extended Validation SSL Certificates?
A: If we cannot automatically authenticate your company's management responsibility for the domain name that is associated with the SSL Certificate, we will require an authorization letter from that domain's owner. This step prevents applicants from fraudulently or accidentally obtaining SSL Certificates for inappropriate domains. In addition to the requirements described above, a legal opinion letter may be required to confirm that the requestor has the authority to obtain SSL Certificate(s) on behalf of the company. The legal opinion letter also may be used to confirm the organization registration, organization address, telephone number, domain ownership, and the organization’s business status. The physical address may, alternatively, be confirmed by a physical site visit. Once confirmed, the requestor may be able to purchase additional SSL Certificates based on the original letter. If a legal opinion letter cannot be obtained, our Certification Practice Statement outlines alternate authentication and verification processes.

Q: How long does verification take?
A: Authentication for new certificates could take as little as 1 hour or up to several days, depending on the verification information you provide and whether or not your certificates are pre-approved. Symantec can authenticate your organizational and contact information and store the information’s pre-approved status for future certificate requests when you purchase units using a Symantec Certificate Center Enterprise Account. When you submit a certificate request that contains the authenticated information, Symantec needs only to verify the domain. If your organization is the legal holder of the domain, you can expect to receive your certificate within 1 hour of your request. Processing times for Extended Validation SSL Certificates may take longer due to additional verification requirements mandated by the Extended Validation (EV) SSL Guidelines.

Q: What is Extended Validation (EV) SSL?
A: In 2006, the CA Browser Forum, a group of leading SSL Certificate Authorities (CAs) and browser vendors, approved standard practices for certificate validation and visibility called the Extended Validation (EV) SSL Guidelines. To issue an SSL Certificate that complies with the standard, a CA must adopt the extended certificate validation practices and pass an audit. When shoppers visit a Web site secured with an EV SSL Certificate, high-security browsers will trigger the address bar to turn green and display the name of the organization listed in the certificate as well as the Certificate Authority. The browser and the Certificate Authority control the display, making it difficult for phishers and counterfeiters to hijack your brand and your customers.

Q: What is a high-security browser?
A: Web browsers that emerged after the development of the Extended Validation (EV) standard established by the CA/Browser forum and that were developed to recognize EV SSL Certificates are considered high-security browsers. They are designed to trigger unique visual cues to indicate the presence of an EV SSL Certificate. For instance, Internet Explorer 7 shows a green address bar and displays the name of the organization listed in the certificate as well as the certificate’s security vendor. These displays make it easier for Web site visitors to quickly establish trust with the Web sites they visit. Microsoft® Internet Explorer 7 and Firefox 3 are examples of high-security browsers.

Q: What is a Certification Authority (CA)?
A: When Symantec issues an SSL Certificate, we act as a Certificate Authority (CA). Symantec digitally signs each certificate we issue. Each browser contains a list of CAs to be trusted. When the SSL handshake occurs, the browser verifies that the server certificate was issued by a trusted CA. If the CA is not trusted, a warning will appear. When high-security browsers recognize an Extended Validation SSL Certificate, they sometimes display the name of the CA as well as the name of the Certificate owner. Because Symantec is the most trusted and recognized CA on the Internet (see Symantec Secured Seal Research Review (PDF)), the presence of the Symantec name can lend an additional level of trust for site visitors. The Symantec Trial Root CA is for testing purposes only and is not registered in any browser’s trust list.

Q: What is a Certificate Signing Request (CSR)?
A: The CSR is a string of text generated by your server software. You provide this string of text to Symantec during the enrollment process. To generate a CSR, you will need to know what kind of server software is running on your Web server.

Q: Can I secure multiple servers with a single certificate?
A: The Symantec certificate subscriber agreement prohibits customers from using a certificate on more than one physical server or device at a time, unless the customer has purchased the Licensed Certificate Option. When private keys are moved among servers—by disk or by network—accountability and control decrease, and auditing becomes more complex. By sharing certificates on multiple servers, enterprises increase the risk of exposure and complicate tracing access to a private key in the event of a compromise. Symantec’s licensing policy allows licensed certificates to be shared in the following configurations: redundant server backups, server load balancing, and SSL accelerators. See Licensing Symantec Certificates: Securing Multiple Web Server and Domain Configurations (PDF) for more information.

Back to Top

thawte FAQ

Q: Who is Secure128 and why choose us for thawte SSL certificates?
A: Secure128 is an Authorized thawte Premiere Partner and one of the fastest growing SSL partners today. We are a Business member of the Georgia Chamber of Commerce under our parent company RSoft Consulting, Inc. We are also a Verified Authorized.Net Merchant. We take pride in offering our customers and partners the lowest possible pricing for thawte SSL certificates and excellent customer service.

Q: What is a thawte Server Certificate?
A: A thawte certificate is a way to ensure safe transmission of sensitive information (such as personal data or credit card numbers) between client and server by providing identity authentication and data encryption. thawte SSL Certificates Web server certificates are compatible with Microsoft Internet Explorer® 5.01 and higher and Netscape/AOL Web browsers version 6.x and higher, Netscape Navigator 4.51 and 6.x, and Opera 7 comprising an estimated 99% or more of all Web browsers in use on the Internet.

Q: What Web servers are compatible with thawte SSL Certificates?
A: thawte SSL Certificates are compatible with all major Web servers. To see the full list click here

Q: What is a Certificate Authority (CA)?
A: The Certificate Authority (CA) is the organization that creates and regulates the policy and procedure for authenticating, issuing, renewing, and suspending digital certificates. Working with the Registration Authority (RA), the CA authorizes certificates and ensures the legitimacy of participating parties.

Q: How do I create a certificate signing request?
A: See our certificate-signing request generation instructions (CSR) instructions located here

Q: Does Secure128 accept Purchase Orders?
A: We do with a minimum purchase of $250 USD. Please contact us directly to have you set up with this option.

Q: Do you support customers outside the USA like Australia, Europe and Asia?
A: As long as you don’t live in the countries mentioned, we accept customers outside the USA with a major credit card like Visa, MasterCard and Discover. According to thawte Repository they cannot issue to these countries: Angola, Ascension, Cuba, Czechoslovakia, Libya, Iran, Iraq, Afghanistan, North Korea, Syria, and Yugoslavia.

Q: Do you offer any kind of refund once my thawte SSL certificate has been issued?
A: If the certificate does not work as intended and you need to cancel or refund, Secure128 will cancel or refund fees following issuance or renewal of any thawte Certificate we offer upon request by the Subscriber within seven (7) days of issue date.

Q: What is a "single-root" SSL certificate and are thawte SSL certificates chained?
A: All thawte certificates are single root certificates. Unlike other companies which issue certificates off chained roots or license roots from third parties like Go Daddy, Comodo or Network Solutions, thawte owns the root and is not dependent on another root provider. Chained certificates tend to be seen on the low end of the SSL market and require more installation assistance than a single root cert. Plus not all browsers today support chained SSL certificates so the ubiquity is lower.

Q: What is the thawte SSL 123 "Domain Validated issuance" process?
A: The thawte123 certificates are available in minutes if you are listed with an accredited online registrar. There can be delays in issuance if your domain is not registered with an accredited online registrar

Q: What is the SGC and SSL Web server "Manual Vetted" issuance process?
A: You will need to provide proof of organization documents like business license, articles of incorporation, DUNS, or any legal document issued by state, local or federal govt. Once you submit the order, please fax your information directly to thawte if it’s a thawte renewal order, then you don’t have to if all information on the company is current.

Q: Are your SSL certificates the same if I went directly off the thawte site?
A: Our certificates are 100% the exact same certificates you would buy if you went directly to thawte. The only difference will be the cost you pay. We are tied into the thawte API ordering portal so the minute you place an order with us, it is received by thawte. The ordering experience will be the exact same process too. Plus all order correspondences comes directly from thawte. The actual thawte SSL certificate will be emailed to you directly from thawte.

Q: How much will my Secure128 renewal cost me?
A: Our renewal prices are listed for all thawte certificates on the site.

Q: Does thawte offer any kind of Reissue Policy on any of their SSL certificates?
A: Every thawte SSL certificate issued comes with free lifetime reissues for the life of your SSL certificate for the exact same fully-qualified-domain name. To qualify for reissuance, all existing core certificate details must remain the same (including fully qualified domain name). Generate a new Certificate Signing Request (CSR) on your web server and get a reissue here

Q: What if the WHOIS info for my domain is not right?
A: You can always update the WHOIS admin/tech contact information on file for your domain at the registrar where your domain is registered. Registrars do this at least 1-2 times a day. Simply contact them to have them update this information.

Q: Can I renew my thawte SSL certificate with you directly even though I bought it off the thawte retail site or thru another provider?
A: Yes you can. It doesn’t matter where you bought your thawte certificate. All you will need is a new CSR to place the order with us.

Q: How will I know when to renew my thawte SSL certificate if I buy it from Secure128?
A: You will be notified by us as early as 90 days with regards to renewing your certificate. The renewal notices can be customized within the Secure128 portal.

Q: What does a thawte SSL certificate look like anyway?
A: Here is an example of what it would look like

-----BEGIN CERTIFICATE-----
CDERDPjCCA555sdcvGdIBAgIDB31EMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAY
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcwNTI5MTg1NjMyWhcNMTAwNTI5MTg1NjMy
WjCByDELMAkGA1UEBhMCVVMxGzAZBgNVBAoTEnNpdGVzLm5ldC1ibHVlLm5ldDET
MBEGA1UECxMKR1Q5OTQwMDAxMTExMC8GA1UECxMoU2VlIHd3dy5nZW90cnVzdC5j
b20vcmVzb3VyY2VzL2NwcyAoYykwNzE3MDUGA1UECxMuRG9tYWluIENvbnRyb2wg
VmFsaWRhdGVkIC0gUXVpY2tTU0wgUHJlbWl1bShSKTEbMBkGA1UEAxMSc2l0ZXMu
bmV0LWJsdWUubmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4JjOAzwIW
UbF2SilUNowB9wIvFO4Aw7Wux03HJae//CMBhKPDcpcy1L6D45C8ZJPgss95/5Ge
lv7sFHNpHzlZWcW/B0P+MWMsy+oYIPBSasMpv4o/1mVg8ub3GZGJOcL/dT6BDCvX
eUABmSVP20rvTpJqqLNMxNdK50b2lX4riQIDAQABo4GuMIGrMA4GA1UdDwEB/wQE
AwIE8DAdBgNVHQ4EFgQUkLVhe5JldIXulp/NcmJQ7QK5mwQwOgYDVR0fBDMwMTAv
oC2gK4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9zZWN1cmVjYS5jcmww
HwYDVR0jBBgwFoAUSOZo+SvSspXXR9gjIBBPM5iQn9QwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBBQUAA4GBAJxjLb7KYs2S39F8kvqX
kaiduTbZyZdKkbXEqB55QhIa06EKBj8+RJEEUEtjSYqZONoAXj7XdNs0BVzi4seI
0QsszKuPIefr6hhtyrry/ -----END CERTIFICATE-----

Q: Can I purchase multiple licenses of a single SSL certificate and are these token based certificates?
A: When placing an order, you will be given an opportunity to select how many licenses you need. thawte certificates are token based certificates like Symantec. So as an example, if you needed to buy a thawte certificate for 1 year with 2 licenses, you would select 1 yrs as the length and 2 server licenses.

Q: What is a X.509 SSL certificate and does thawte offer that?
A: X.509 is a standard for public key infrastructure. All thawte certificates are X.509 compliant.

Q: How does a digital certificate work and what is the encryption strength of thawte certificates?
A: After authenticating identity, the CA issues digital certificates, which also contain a matched pair of electronic keys, the public key and the private key. When the customer contacts a website, the public key is sent to the customer, and attaches itself and encrypts data that is transmitted back to the website (such as personal information). Upon receipt, the private key recognizes the public key, and then decrypts the information. A similar exchange of public and private keys occurs to confirm the identity of the parties, thus, ensuring that only the intended recipient has access to the information, so privacy and security is maintained. All thawte SSL certificates support up to 256-bit encryption. This of course is all dependent on your browser supporting 256 bit encryption from your browser to the web server.

Q: Do all thawte SSL certificates come with a site seal?
A: Yes, all thawte certificates come with a site seal you can display.

Q: How long does it take to issue a thawte SGC, Wildcard or SSL Web server certificate?
A: Typically it takes thawte 2-4 business days to issue this certificate. If it’s a renewal certificate and nothing has changed with your company information like address/phone number, the certificate will be issued normally in a few hours. You will be notified when the verification process is complete. If your order has been accepted, you will receive your SSL certificate via email by thawte.

Q: What thawte SSL certificate supports sub domains? How many sub domains can I secure with a Wildcard certificate?
A: thawte offers a wildcard certificate. It is used to secure unlimited sub domains that share a common domain name that reside on 1 physical server.

Q: How do I generate a CSR?
A: If you have access to your server, you can generate the CSR otherwise your hosting company will need to help you. We offer specific instructions on how to generate a CSR depending on the type of server you have located here. If you have any questions, please contact us.

Q: What does a CSR look like?
A: -----BEGIN NEW CERTIFICATE REQUEST-----
MIIDPjCCAqegAwIBAgIDB31EMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcwNTI5MTg1NjMyWhcNMTAwNTI5MTg1NjMy
WjCByDELMAkGA1UEBhMCVVMxGzAZBgNVBAoTEnNpdGVzLm5ldC1ibHVlLm5ldDET
BQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBBQUAA4GBAJxjLb7KYs2S39F8kvqX
kaiduTbZyZdKkbXEqB55QhIa06EKBj8+RJEEUEtjSYqZONoAXj7XdNs0BVzi4seI
0QsszKuPIe17Kmh4cN/ztP0sUWI7EdPEQZkCxFFQL88FlBPJi5UO7Ud55VDxdhL0
h9BbUwObaM3vTCEt+EtGwucU
-----END NEW CERTIFICATE REQUEST-----

Q: What symbols can’t I use in my CSR?
A: If any illegal characters are in one of the dn fields.
The following characters may cause problems: < > ~ ! @ # $ % ^ / \ ( ) ?&. This includes commas. - Generally it would be best to use alphabetic and numeric characters for all your input fields, including the passwords. Characters like "/", "#", and sometimes even the period "." and comma "," may cause problems.

Q: What do I use for the Common Name (CN) when ordering a thawte Wildcard certificate?
A: Wildcard certificates can save you time and money in acquiring and managing multiple server certificates. Wildcard certificates can secure multiple fully qualified domains if they share the same base domain name and reside on the same physical server and share the same second level domain name. For example, if you need to secure the following websites: www.yourdomain.com
secure.yourdomain.com
product.yourdomain.com
info.yourdomain.com
download.yourdomain.com
anything.yourdomain.com
and all of these websites are hosted on the same server box, you can purchase and install one wildcard certificate issued to *.yourdomain.com to secure all these sites.

Back to Top

Q: Who is Secure128 and why choose us for thawte SSL certificates?
A: Secure128 is an Authorized thawte Premiere Partner and one of the fastest growing SSL partners today. We are a Business member of the Georgia Chamber of Commerce under our parent company RSoft Consulting, Inc. We are also a Verified Authorized.Net Merchant. We take pride in offering our customers and partners the lowest possible pricing for thawte SSL certificates and excellent customer service.

Q: What is a thawte Server Certificate?
A: A thawte certificate is a way to ensure safe transmission of sensitive information (such as personal data or credit card numbers) between client and server by providing identity authentication and data encryption. thawte SSL Certificates Web server certificates are compatible with Microsoft Internet Explorer® 5.01 and higher and Netscape/AOL Web browsers version 6.x and higher, Netscape Navigator 4.51 and 6.x, and Opera 7 comprising an estimated 99% or more of all Web browsers in use on the Internet.

Q: What Web servers are compatible with thawte SSL Certificates?
A: thawte SSL Certificates are compatible with all major Web servers. To see the full list click here

Q: What is a Certificate Authority (CA)?
A: The Certificate Authority (CA) is the organization that creates and regulates the policy and procedure for authenticating, issuing, renewing, and suspending digital certificates. Working with the Registration Authority (RA), the CA authorizes certificates and ensures the legitimacy of participating parties.

Q: How do I create a certificate signing request?
A: See our certificate-signing request generation instructions (CSR) instructions located here

Q: Does Secure128 accept Purchase Orders?
A: We do with a minimum purchase of $250 USD. Please contact us directly to have you set up with this option.

Q: Do you support customers outside the USA like Australia, Europe and Asia?
A: As long as you don’t live in the countries mentioned, we accept customers outside the USA with a major credit card like Visa, MasterCard and Discover. According to thawte Repository they cannot issue to these countries: Angola, Ascension, Cuba, Czechoslovakia, Libya, Iran, Iraq, Afghanistan, North Korea, Syria, and Yugoslavia.

Q: Do you offer any kind of refund once my thawte SSL certificate has been issued?
A: If the certificate does not work as intended and you need to cancel or refund, Secure128 will cancel or refund fees following issuance or renewal of any thawte Certificate we offer upon request by the Subscriber within seven (7) days of issue date.

Q: What is a "single-root" SSL certificate and are thawte SSL certificates chained?
A: All thawte certificates are single root certificates. Unlike other companies which issue certificates off chained roots or license roots from third parties like Go Daddy, Comodo or Network Solutions, thawte owns the root and is not dependent on another root provider. Chained certificates tend to be seen on the low end of the SSL market and require more installation assistance than a single root cert. Plus not all browsers today support chained SSL certificates so the ubiquity is lower.

Q: What is the thawte SSL 123 "Domain Validated issuance" process?
A: The thawte123 certificates are available in minutes if you are listed with an accredited online registrar. There can be delays in issuance if your domain is not registered with an accredited online registrar

Q: What is the SGC and SSL Web server "Manual Vetted" issuance process?
A: You will need to provide proof of organization documents like business license, articles of incorporation, DUNS, or any legal document issued by state, local or federal govt. Once you submit the order, please fax your information directly to thawte if it’s a thawte renewal order, then you don’t have to if all information on the company is current.

Q: Are your SSL certificates the same if I went directly off the thawte site?
A: Our certificates are 100% the exact same certificates you would buy if you went directly to thawte. The only difference will be the cost you pay. We are tied into the thawte API ordering portal so the minute you place an order with us, it is received by thawte. The ordering experience will be the exact same process too. Plus all order correspondences comes directly from thawte. The actual thawte SSL certificate will be emailed to you directly from thawte.

Q: How much will my Secure128 renewal cost me?
A: Our renewal prices are listed for all thawte certificates on the site.

Q: Does thawte offer any kind of Reissue Policy on any of their SSL certificates?
A: Every thawte SSL certificate issued comes with free lifetime reissues for the life of your SSL certificate for the exact same fully-qualified-domain name. To qualify for reissuance, all existing core certificate details must remain the same (including fully qualified domain name). Generate a new Certificate Signing Request (CSR) on your web server and get a reissue here

Q: What if the WHOIS info for my domain is not right?
A: You can always update the WHOIS admin/tech contact information on file for your domain at the registrar where your domain is registered. Registrars do this at least 1-2 times a day. Simply contact them to have them update this information.

Q: Can I renew my thawte SSL certificate with you directly even though I bought it off the thawte retail site or thru another provider?
A: Yes you can. It doesn’t matter where you bought your thawte certificate. All you will need is a new CSR to place the order with us.

Q: How will I know when to renew my thawte SSL certificate if I buy it from Secure128?
A: You will be notified by us as early as 90 days with regards to renewing your certificate. The renewal notices can be customized within the Secure128 portal.

Q: What does a thawte SSL certificate look like anyway?
A: Here is an example of what it would look like

-----BEGIN CERTIFICATE-----
CDERDPjCCA555sdcvGdIBAgIDB31EMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAY
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcwNTI5MTg1NjMyWhcNMTAwNTI5MTg1NjMy
WjCByDELMAkGA1UEBhMCVVMxGzAZBgNVBAoTEnNpdGVzLm5ldC1ibHVlLm5ldDET
MBEGA1UECxMKR1Q5OTQwMDAxMTExMC8GA1UECxMoU2VlIHd3dy5nZW90cnVzdC5j
b20vcmVzb3VyY2VzL2NwcyAoYykwNzE3MDUGA1UECxMuRG9tYWluIENvbnRyb2wg
VmFsaWRhdGVkIC0gUXVpY2tTU0wgUHJlbWl1bShSKTEbMBkGA1UEAxMSc2l0ZXMu
bmV0LWJsdWUubmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4JjOAzwIW
UbF2SilUNowB9wIvFO4Aw7Wux03HJae//CMBhKPDcpcy1L6D45C8ZJPgss95/5Ge
lv7sFHNpHzlZWcW/B0P+MWMsy+oYIPBSasMpv4o/1mVg8ub3GZGJOcL/dT6BDCvX
eUABmSVP20rvTpJqqLNMxNdK50b2lX4riQIDAQABo4GuMIGrMA4GA1UdDwEB/wQE
AwIE8DAdBgNVHQ4EFgQUkLVhe5JldIXulp/NcmJQ7QK5mwQwOgYDVR0fBDMwMTAv
oC2gK4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9zZWN1cmVjYS5jcmww
HwYDVR0jBBgwFoAUSOZo+SvSspXXR9gjIBBPM5iQn9QwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBBQUAA4GBAJxjLb7KYs2S39F8kvqX
kaiduTbZyZdKkbXEqB55QhIa06EKBj8+RJEEUEtjSYqZONoAXj7XdNs0BVzi4seI
0QsszKuPIefr6hhtyrry/ -----END CERTIFICATE-----

Q: Can I purchase multiple licenses of a single SSL certificate and are these token based certificates?
A: When placing an order, you will be given an opportunity to select how many licenses you need. thawte certificates are token based certificates like VeriSign. So as an example, if you needed to buy a thawte certificate for 1 year with 2 licenses, you would select 1 yrs as the length and 2 server licenses.

Q: What is a X.509 SSL certificate and does thawte offer that?
A: X.509 is a standard for public key infrastructure. All thawte certificates are X.509 compliant.

Back to Top

Q: How does a digital certificate work and what is the encryption strength of thawte certificates?
A: After authenticating identity, the CA issues digital certificates, which also contain a matched pair of electronic keys, the public key and the private key. When the customer contacts a website, the public key is sent to the customer, and attaches itself and encrypts data that is transmitted back to the website (such as personal information). Upon receipt, the private key recognizes the public key, and then decrypts the information. A similar exchange of public and private keys occurs to confirm the identity of the parties, thus, ensuring that only the intended recipient has access to the information, so privacy and security is maintained. All thawte SSL certificates support up to 256-bit encryption. This of course is all dependent on your browser supporting 256 bit encryption from your browser to the web server.

Q: Do all thawte SSL certificates come with a site seal?
A: Yes, all thawte certificates come with a site seal you can display.

Q: How long does it take to issue a thawte SGC, Wildcard or SSL Web server certificate?
A: Typically it takes thawte 2-4 business days to issue this certificate. If it’s a renewal certificate and nothing has changed with your company information like address/phone number, the certificate will be issued normally in a few hours. You will be notified when the verification process is complete. If your order has been accepted, you will receive your SSL certificate via email by thawte.

Q: What thawte SSL certificate supports sub domains? How many sub domains can I secure with a Wildcard certificate?
A: thawte offers a wildcard certificate. It is used to secure unlimited sub domains that share a common domain name that reside on 1 physical server.

Q: How do I generate a CSR?
A: If you have access to your server, you can generate the CSR otherwise your hosting company will need to help you. We offer specific instructions on how to generate a CSR depending on the type of server you have located here. If you have any questions, please contact us.

Q: What does a CSR look like?
A: -----BEGIN NEW CERTIFICATE REQUEST-----
MIIDPjCCAqegAwIBAgIDB31EMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcwNTI5MTg1NjMyWhcNMTAwNTI5MTg1NjMy
WjCByDELMAkGA1UEBhMCVVMxGzAZBgNVBAoTEnNpdGVzLm5ldC1ibHVlLm5ldDET
BQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBBQUAA4GBAJxjLb7KYs2S39F8kvqX
kaiduTbZyZdKkbXEqB55QhIa06EKBj8+RJEEUEtjSYqZONoAXj7XdNs0BVzi4seI
0QsszKuPIe17Kmh4cN/ztP0sUWI7EdPEQZkCxFFQL88FlBPJi5UO7Ud55VDxdhL0
h9BbUwObaM3vTCEt+EtGwucU
-----END NEW CERTIFICATE REQUEST-----

Q: What symbols can’t I use in my CSR?
A: If any illegal characters are in one of the dn fields.
The following characters may cause problems: < > ~ ! @ # $ % ^ / \ ( ) ?&. This includes commas. - Generally it would be best to use alphabetic and numeric characters for all your input fields, including the passwords. Characters like "/", "#", and sometimes even the period "." and comma "," may cause problems.

Q: What do I use for the Common Name (CN) when ordering a thawte Wildcard certificate?
A: Wildcard certificates can save you time and money in acquiring and managing multiple server certificates. Wildcard certificates can secure multiple fully qualified domains if they share the same base domain name and reside on the same physical server and share the same second level domain name. For example, if you need to secure the following websites: www.yourdomain.com
secure.yourdomain.com
product.yourdomain.com
info.yourdomain.com
download.yourdomain.com
anything.yourdomain.com
and all of these websites are hosted on the same server box, you can purchase and install one wildcard certificate issued to *.yourdomain.com to secure all these sites.

Back to Top

 


Secure128 Customer Reviews

CONTACT SECURE128
877-824-6434
770-783-2610
Online Chat
Inquiry by Email
    Price Match Guarantee
Request Lower Pricing

    30-Day Refund Policy
All SSL Certificates are fully refundable within 30 days of purchase
Products
Symantec SSL
GeoTrust SSL
Thawte SSL
Code Signing
PCI Compliance
Domain Registration
IT Security Services
Why Choose Secure128?