This article only explains how to purchase a Professionally-Signed SSL certificate in your DreamHost panel. This type of certificate costs $15/year and is signed by Sectigo, displaying a certificate seal of trust on your site.
Any Comodo certificate issued after January 2019 references Sectigo as the certificate authority, while any certificate issued prior to this date references Comodo. Both names refer to the same company.
This type of certificate is recommended for eCommerce sites, customer login areas, or any other site that transmit sensitive information.
Before you begin
Before you begin the process to purchase an SSL certificate, make sure you have already created a confirmation email address on your domain. This email may be necessary to finalize the purchase.
This email must be an address on your domain. For example, if your website is example.com, make sure you have already created one of the following addresses:
View the following article for instructions on how to create an email address:
Your email can be hosted at another company, you just need to make sure that one of the addresses above is active and able to receive email.
If your Nameservers are not pointed to DreamHost
If your Nameservers are NOT hosted at DreamHost, you must add CAA records at your current DNS hosting company before adding an SSL certificate in the DreamHost panel. View the following article for further details.
Purchasing a Signed Certificate in the DreamHost panel
- Navigate to the SSL/TLS Certificates page.
- To the right of your domain, click the Add button.
- Choose the option to add a $15 Sectigo certificate and then click the Select this Certificate button.
- Enter your personal and website information.
- You must fill in ALL of the fields (including the 'Organization name') in order to successfully proceed to the next step. If you don't have an organization name, then enter your first and last name. 'Street 2' and 'Street 3' are optional fields—you can leave those blank if your address does not include any of this info (such as an apt. #).
- This information is used to generate the Certificate Signing Request (CSR) that is used to generate your new professionally-signed SSL certificate.
- On the next page, select one of your domain's email addresses from the dropdown list, and then click the Proceed to Next Step button.
This must be an email on your domain. Make sure one of the emails listed in that dropdown has been created on your domain and you are able to receive mail with it. If it does not exist, create this email first before continuing.
Please note that the process to verify your domain using email is a last resort. This means you may never receive a confirmation email and the SSL will process correctly. However, it's possible you will receive an email if other DCV steps fail to verify. So it's still important to configure this email address. View the following article for further details:
- On the last page, choose how you'd like to pay. Your options are either credit card or electronic check.
- When finished, click the Place Certificate Order button.
What happens after you purchase it?
Email from DreamHost
You'll soon receive an email from firstname.lastname@example.org at the Domain Control Validation (DCV) address you selected for this order. This is just a confirmation of your purchase, but it may also ask you to click a link to verify your contact info.
Email from Sectigo
You may also receive a second email from Sectigo. This is part of the DCV process to verify your domain. This is a last option in the DCV process, so it's possible you never receive this email. If you do receive this email from Sectigo, proceed through the steps to complete the verification of your domain.
Most orders are completed and installed within 2 hrs of them being approved, however it could take up to 24 hrs to fully process.
Installing the Sectigo certificate on your website
At this point you have only purchased the Sectigo certificate. It is NOT installed yet. You can see on the SSL/TLS Certificates page that it's listed as 'pending'.
When you click the Settings button to the right, you'll see a 'Temporary' certificate is currently installed, which can viewed under the Current Certificate tab:
A temporary certificate is only active while your Sectigo certificate is in the process of installing. Once installed, your Sectigo certificate takes its place and becomes the only active certificate on your domain.
Once the Sectigo certificate is active, the following displays on the SSL/TLS Certificates page to the right of the domain.
Test if the SSL certificate is working
The certificate is now installed on your domain. Visit the secure URL of your website at:
You can see the browser bar shows a lock icon confirming the connection is secure.
If you just installed the certificate, you may need to wait a few hours for it to update online.
Forcing your site to load HTTPS by default
Even after you have added the SSL certificate to your site, visitors will not be able to use it unless they manually type in https before your domain name. This defeats the purpose of adding it in the first place since the certificate is meant to protect all of your website traffic.
There are several ways to fix this. View the following article for instructions on how to create a configuration file to redirect all visitor traffic to the secure version of your URL (https).
After installing your certificate, you may find that your browser is still showing an insecure warning when visiting the HTTPS version of your URL. There are a few reasons this could occur. Please view the following article for instructions on how to resolve this issue.
- Adding an SSL certificate overview
- Adding a free Let's Encrypt certificate
- Let's Encrypt SSL certificate overview
- SSL certificates overview
- How do I install a third-party SSL certificate?
- How do I add a free self-signed SSL certificate?
- Force your site to load securely with an .htaccess file
- Force your Nginx website to load securely
- How do I use an SSL certificate with WordPress?