How do I purchase a professionally-signed SSL certificate?

Overview

This article only explains how to purchase a Professionally-Signed SSL certificate in your DreamHost panel. This type of certificate costs $15/year and is signed by Sectigo, displaying a certificate seal of trust on your site.

On November 1, 2018, Comodo announced that the company is rebranding to Sectigo. For more information about this, please see the following announcement at Sectigo's website:

Any Comodo certificate issued after January 2019 will reference Sectigo as the certificate authority, while any certificates issued prior to that will still reference Comodo. These are still the same company, and the only difference is the name.

This type of certificate is recommended for e-commerce sites, customer login areas, or any other site that transmit sensitive information.

Before you begin

Before you begin the process to purchase an SSL certificate, make sure you have already created a confirmation email address on your domain. This email may be necessary to finalize the purchase.

This email must be an address on your domain. For example, if your website is 'example.com', make sure you have already created one of the following addresses:

  • admin@example.com
  • administrator@example.com
  • hostmaster@example.com
  • postmaster@example.com
  • webmaster@example.com

View the following article for instructions on how to create an email address:

Your email can be hosted at another company, you just need to make sure that one of the addresses above is active and able to receive email.

If your Nameservers are not pointed to DreamHost

If your Nameservers are NOT hosted at DreamHost, you must add CAA records at your current DNS hosting company before adding an SSL certificate in the DreamHost panel. View the following article for further details.

Purchasing a Signed Certificate in the DreamHost panel

  1. Navigate to the SSL/TLS Certificates page.
  2. To the right of your domain, click the Add button.
  3. Choose the option to add a $15 Comodo (Sectigo) certificate and click 'Select this Certificate'.
  4. Enter your personal and website information.
    • You must fill in ALL of the fields (including the 'Organization name') in order to successfully proceed to the next step. If you don't have an organization name, then enter your first and last name. 'Street 2' and 'Street 3' are optional fields—you can leave those blank if your address does not include any of this info (such as an apt. #).
    • This information is used to generate the Certificate Signing Request (CSR) that is used to generate your new professionally-signed SSL certificate.
    Click Proceed to Next Step when finished.
  5. On the next page, select one of your domain's emails from the dropdown.

    Confirmation address

    This must be an email on your domain. Make sure one of the emails listed in that dropdown has been created on your domain and you are able to receive mail with it. If it does not exist, create this email first before continuing.

    Please note that the process to verify your domain using email is a last resort. This means you may never receive a confirmation email and the SSL will process correctly. However, it's possible you will receive an email if other DCV steps fail to verify. So it's still important to configure this email address. View the following article for further details:

  6. On the last page choose how you'd like to pay. Your options are either credit card or electronic check.
  7. When finished enter your information, click the Submit Payment Now button.

What happens after you purchase it?

Email from DreamHost

You'll soon receive an email from support@dreamhost.com at the Domain Control Validation (DCV) address you selected for this order. This is just a confirmation of your purchase, but it may also ask you to click a link to verify your contact info.

Email from Sectigo

You may also receive a second email from Sectigo. This is part of the DCV process to verify your domain. This is a last option in the DCV process, so it's possible you never receive this email. If you do receive this email from Sectigo, proceed through the steps to complete the verification of your domain.

Most orders are completed and installed within 2 hrs of them being approved, however it could take up to 24 hrs to fully process.

Installing the Sectigo certificate on your website

At this point you have only purchased the Sectigo certificate. It is NOT installed yet. You can see on the SSL/TLS Certificates page that it's listed as 'pending'.

If you click the Settings button to the right, you'll see a 'Temporary' certificate is currently installed.

This temporary certificate will only remain active while your Sectigo certificate is in the process of installing. Once installed, your Sectigo certificate will take its place and become the only active certificate on your domain.

Once the Sectigo certificate is active, the following will display on the SSL/TLS Certificates page to the right of the domain.

Test if the SSL certificate is working

The certificate is now installed on your domain. Visit the secure URL of your website at:

    • https://example.com
Install_Comodo_Cert_08.png

You can see the browser bar shows a lock icon confirming the connection is secure.

If you just installed the certificate, you may need to wait a few hours for it to update online.

Forcing your site to load HTTPS be default

Even after you have added the SSL certificate to your site, visitors will not be able to use it unless they manually type in 'https' before your domain name. This defeats the purpose of adding it in the first place since the certificate is meant to protect all of your website traffic.

There are several ways to fix this. View the following article for instructions on how to create a configuration file to redirect all visitor traffic to the secure version of your URL (https).

Troubleshooting

After installing your certificate, you may find that your browser is still showing an insecure warning when visiting the HTTPS version of your URL. There are a few reasons this could occur. Please view the following article for instructions on how to resolve this issue.

See also

Did this article answer your questions?

Article last updated PST.