Bulk Purchase Options for SSL

Just in case you didn't know we have a couple of bulk purchase options available at ServerTastic.

RapidSSL 1 Year - Buy 10 or more for $10.00 each

QuickSSL Premium 1 Year - Buy 10 or more for $69 year

When you purchase you will receive an individual invite for each certificate you have purchased. These links are valid for 365 days from purchase. But the certificate is valid for 1 year from the date of issue (so you will not lose any days on your certificate).

You can supply the invite links to your customers. They contain no ServerTastic branding. We are working to bring some more bulk purchase offers and promotions.

Let us know if you have any questions.

Posted by Andy Gambles 

FaceBook SSL Requirements

From the 1st October 2011 FaceBook requires all Apps, elements and page tabs to use SSL so they can be accessed via https.

If your App or Page Tab does not use SSL then you are at risk of having it disabled. You can purchase a RapidSSL for as little as $10 a year from ServerTastic. This certificate is perfectly adequate for use within FaceBook. If you have users who access your app via mobile devices then it may be worth considering purchasing a QuickSSL Premium certificate. This certificate supports older mobile phones. However I would argue that the majority of users accessing FaceBook via a mobile will be using a modern handset and therefore this should not be a problem.

The certificate is installed on your website, not FaceBook. It should be on the domain where your App or Page Tab is hosted. You must then provide your Secure URL in the Development App settings to avoid it being disabled as per the screenshot below.

Posted by Andy Gambles 

SSL certificates with unlimited server support

Last month we reported that Geotrust and RapidSSL certificates would soon support unlimited servers. Well this update is now live!

All Geotrust and RapidSSL certificates can now be installed on as many servers as required for no additional cost. If you have load balancers or multiple web facing servers then this is an fantastic cost saving benefit with RapidSSL available from just $10.00 a year.

Wildcard SSL certificates supporting unlimited sub-domains can now also be installed on unlimited servers.

This applies to existing certificates already issued and new certificates purchased. To install your certificate on multiple servers simply export it from the current server and install on all the other required servers (the requirements to do this will be dependant on your operating system). You can also download the certificate in PKCS7 and Plesk or Apache bundles from here.

The following certificates now include support for unlimited servers at no additional cost

• RapidSSL
• RapidSSL Wildcard
• QuickSSL Premium
• True BusinessID
• True BusinessID Wildcard
• True BusinessID with EV

Posted by Andy Gambles 

SSL with unlimited server licences

UPDATE: RapidSSL and Geotrust SSL certificates support unlimited servers

You may have read in a recent announcement that GlobalSign are providing SSL certificates with unlimited server licensing. This means you can install an SSL certificate on as many servers as you want for no extra cost (but it will still be for the same domain).

I have mentioned over the last few weeks that we have some changes coming to our SSL range. Well one of those changes is that RapidSSL and Geotrust certificates will include unlimited server licensing. This was due for release today but has been delayed until the first week in October. But come the official announcement you will be able to use your RapidSSL and Geotrust certificates on unlimited servers for no extra cost (including SSL certificates already issued).

Check out our full range of SSL Certificates from $10 a year.

If you have any queries then please let me know.

Posted by Andy Gambles 

Important SSL Changes

There have been some significant changes to the SSL certificates supplied via ServerTastic. The most important point to make is that these changes do not affect any certificates already issued and installed.

SSL invite URLs
All invite URLs issued from today now have a validity of 365 days from purchase. This means you must use the invite URL to generate your SSL certificate within 365 days of placing your order. This also applies to bulk purchases. Failure to use the invite URL within 365 days will result in the invite expiring and becoming invalid. No refunds or replacements will be issued for expired invite URLs.

Geotrust certificates now use intermediate
Geotrust certificates such as the QuickSSL Premium used to be issued from a root CA certificate. This meant that when installing your certificate there was no additional "CA Bundle" to install. However Geotrust certificates issued from today will require an intermediate certificate. This intermediate certificate will be supplied with your certificate during purchase.

The installation process may have changed slightly depending on the certificate and server OS. Please make sure you read the fulfilment email completely before commencing installation.

2048Bit minimum key size
From 2013 all SSL certificates must have a minimum 2048bit key size. Therefore if you order a certificate that extends beyond this then the CSR must be generated with a key size of at least 2048bit. You can order certificates using a smaller key size that expire before this date however you will receive a warning during the order process.

Root migration
Many SSL certificates are being migrated to alternative root certificates with a minimum 2048bit key size. This does not affect any existing SSL certificates. However re-issues and new certificates will be issued from the new root. There is no action required by customers during the root migration.

PKCS7 downloads
Certificates can now be downloaded as PKCS7 (which will include the intermediate CA) from the SSL control panel. 

Plesk/Apache bundle downloads
Certificates can now be downloaded as Plesk/Apache bundles from the SSL control panel. 

RapidSSL Certificates
RapidSSL and RapidSSL wildcard certificates will continue to be issued from a root certificate until 23 September 2010. 

Questions
If you have any questions/concerns about these changes please let us know in the comments or contact us. 

Posted by Andy Gambles 

SSL email approver options

Last month the approver email address options for domain validated SSL certificates were restricted. This was due to a number of security problems which arose. (Someone was able to register the ssladmin@ account at a number of webmail accounts).

This prompted a review of the email addresses available to select for domain approval. This affects RapidSSL, QuickSSL Premium and SSL123 products.

The following email addresses can be used for domain approval:

• admin@
• administrator@
• hostmaster@
• root@
• webmaster@
• postmaster@
• The current whois admin contact
• The current whois technical contact

You must have access to one of these email accounts on the SSL domain to be able to receive the SSL certificate.

Posted by Andy Gambles 

RapidSSL and Geotrust now secure WWW and non-WWW domain

Posted by Andy Gambles 

Resend missing approver email

When you purchase an SSL Certificate such as RapidSSL, QuickSSL Premium or SSL123 you have to complete an approver email process. 

Posted by Andy Gambles 

RapidSSL and Geotrust now secure WWW and non-WWW domain

The latest update to the SSL order system means that RapidSSL and Geotrust certificates now automatically secure the WWW and non-WWW domain in a single certificate.

Posted by Andy Gambles 

SSL Certificate Flagged For Quality Review

via flickr.com

The RapidSSL and QuickSSL Premium SSL certificates sold by ServerTastic are usually issued in less than 10 minutes from your order. They simply require you to click a link in an email to complete domain validation.

However we are receiving an increase in the number of tickets asking about delays in the certificate being issued and "quality reviews". It is possible that your SSL order may be flagged for a quality review by RapidSSL/Geotrust. This means that the order must be completed by a member of the RapidSSL/Geotrust staff.

You will know if your certificate has been flagged for review because on the confirmation page after you click the email authorisation link you will see the following wording

Your order is pending a final quality review prior to issuance. This review is normally completed within one business day. For more information on why your order was selected for final quality review visit our FAQs at [link]

There are many reasons your order may be flagged for review. These include:

• Domain whois details appear invalid
• Website does not load or resolve
• The domain contains a flagged phrase. For example BANK is a defined term therefore a certificate for riverbanktours.com may be flagged for quality review
• Your order was randomly selected for review (unlucky!)

Here are some of the things you can do (before requesting your certificate) to try and reduce the likely hood of your order being flagged for a quality review:

• Remove any whois privacy settings on your domain
• Make sure the domain whois contains valid details
• Make sure the domain resolves to a live website

If your certificate does get flagged for a quality review there is very little ServerTastic can do to speed up the review process. They are all checked on a first come first served basis during working hours Monday to Friday. The review is performed by RapidSSL/Geotrust NOT ServerTastic. You can try and speed up the review by contacting Geotrust on the LiveChat link from their support page. In most cases they can do the required steps with you while on line.

It is also likely that the certificate would have been flagged if you had ordered through any other reseller or direct.

You can always contact ServerTastic if you have a problem with your order but please be aware there is little we can do if the order is under quality review.

Remember you can also check the status of your order at any time via the Self Service System.

Posted by Andy Gambles