UniSSL certificates are a must-have for anyone operating a website. With the recent changes initiated by Google Chrome, websites which do not have SSL certificates installed will be labeled as insecure in the browser. This means your visitors and customers may not know they can trust you without it. With affordable options and various certificate types backed by one of the most trusted Certificate Authorities in the industry, a UniSSL is your best choice for domain security.
Once you have purchased your UniSSL certificate, you need to activate it.
If you haven't purchased your UniSSL certificate, click here to view the steps to purchase.
If you've already purchased your UniSSL certificate follow the instructions below to activate it.
How to activate a UniSSL certificate
If you haven't purchased your UniSSL yet, click here to view the steps to purchase.
1. Once you have purchased your new UniSSL you will see your order summary with a button to activate.
Click 'Activate Certificate' to begin the activation process.
- OR -
1b. Access your UniSSL certificates at any time from the SSL section.
Click 'SSL' from the menu at the top of the page.
2. Select the certificate you want to activate.
Click 'Activate' next to the certificate you want to use.
3. Generate your CSR.
Your UniSSL certificate is activated by generating a CSR or "certificate signing request". Click here to learn more about CSR's.
Select whether you wish to generate a new CSR of if you have an existing one you'd like to use.
3a. New CSR
Select 'Generate a new CSR now' to use Uniregistry's CSR tool.
3b. Use your own CSR
Select 'Use a CSR generated elsewhere' to use your own.
- Some servers require generating the CSR for installation so be sure you're familiar with your specific server before you activate your certificate.
- Ensure you save your private key in a safe place. You will need it later during installation. If you lose it, you will need a new CSR to reissue a new certificate.
4. Enter the domain(s) you wish to add to the certificate.
*Only for new CSR requests
For multi-domain certificates:
- Subdomains (including www) are separate seats in your multi-domain certificate and must be added as individual domain entries.
- Click 'Add' after entering each domain
- You must add all of the domains to your multi-domain certificate at activation. If you want to add some domains later, you will need to contact support to have the certificate cancelled, resubmit activation and have a new certificate issued.
For wildcard certificates:
- Enter the domain as *.domain.com for wildcard certificates.
Review 'Advanced Settings' for encryption algorithms and key size.
5. Select your preferred method of verification.
In order for your certificate to be issued, you must verify that you are in control of the domains.
Domains registered with Uniregistry may be automatically validated with DNS.
- The checkbox to configure DNS automatically for your domain(s) will auto select when the domain is detected in your account.
- OR -
If your domain is not registered with Uniregistry, select one of the 2 methods of verification.
- Click here to learn more about verification methods.
- The instructions for the verification method you select are displayed at the bottom of the page.
6. Verify Ownership of your domain(s) by either DNS or HTML.
Follow the instructions for the method you selected to verify ownership your domain(s).
Verifying ownership of your domain via DNS requires adding the record generated as a CNAME to your domain. If your domain is registered with Uniregistry, and using Uni's name servers we will recognize this and offer to verify automatically when you select the 'Configure DNS records automatically' in the previous step.
For domains not registered with Uniregistry, or not using Uni's name servers, create the CNAME record in the DNS configuration for the domain at the current web host portal using the credentials displayed in your account. Once created, the record is visible in a DNS query and domain ownership is verified.
Create a CNAME using the credentials noted.
HTTP verification requires you to download a verification file and then upload it to a specific directory of your web host’s server. The file then shows up in an HTTP query and domain ownership is verified.
Click 'Download File'.
Upload the file to the directory noted on your domain's hosting server.
Confirm the file is externally accessible at the noted URL.
7. Download your private key.
Your private key is a confidential file needed to decrypt the data which will be encrypted by your new certificate. Download and save the file in a secure location. Do not share it with anyone. You will need it later in the installation process.
- Learn more about your private key here.
Review the details of your UniSSL certificate.
Click 'Download Private Key' and save the .pk file in a secure location.
- You must download your private key at this step. Save it in a location you will remember. If you lose this file, it cannot be re-issued and your certificate will not work. You will need to reactivate or purchase another certificate if you lose your private key.
- Once you have submitted your activation form your certificate will be processed for activation and this cannot be undone.
8. Wait for your certificate to be issued and download when available.
Once your certificate has been issued, the 'Download Certificate' button will be active.
You can monitor the progress of your certificates at any time by clicking 'SSL' from the menu at the top of the page.
Click 'Download Certificate'.
- Auto-renew is enabled for your certificate by default. Click to disable it.
9. When you're ready to install your certificate on your web host's server, click here.