DynDNS SSL Cert Readme
Important information to know about SSL Certs
- SSL Certificate Defined
- Root Signed Certificates Versus Self-Signed Certificates
- "Unrecognized CA Root Authority" Errors
- Certificate Dates and Renewals
- Wildcard Certificates Defined
- Dynamic DNS Hosts
SSL Certificate Defined
An SSL Certificate is a digital certificate that identifies the authenticity of a website or e-mail server and is used to encrypt information sent to and from the server using the Secure Socket Layer (SSL) protocol. When an Internet user connects to a server with an SSL Certificate, the remote user can examine the validity of the SSL Certificate. This is often done automatically and is represented by a padlock in the browser window.
Root Signed Certificates Versus Self-Signed Certificates
Self-signed and certificate authority signed certificates differ in the level of trust given to the identity of the certificate holder. Certificates that are self-signed have no real verification of identity. Browsers and other software have a list of certificate authorities who are "trusted" to vouch for the identity of domain holders.
"Unrecognized CA Root Authority" Errors
This error basically means that your application does not recognize the certificate authority. The CA Root used for GeoTrust signed certificates is "Equifax", and most modern browsers support this root certificate by default. If you run into a browser that does not include the Equifax root by default, please let us know, and we can work on getting it installed into a future release of that browser.
You can also download the root certificate directly.
Certificate Dates and Renewals
The start date of the Cert itself will become the date that the Cert is fully issued. For one of the True Business ID products, which require the Organization Name to be verified, Geotrust's turn-around time for the verification/issue process is about 3-4 days from the date you place the order. For the QuickSSL products, if the Approver Email address will be able to confirm the request the same day that you place the order, then that Cert will get issued the same day and the start date of the Cert will also be the day you placed the order.
If a certificate is renewed early, GeoTrust will honor the remaining validity period and add it on to the life of the new certificate issued from GeoTrust (up to 90 days).
Wildcard Certificates Defined
A wildcard certificate may be used to secure all subdomains under a domain name. The domain/common name in the CSR needs to be "*.example.com". The asterisk is a place holder and enables you to secure different subdomains that share the same base/second level domain name. Here is an example of sub-domains with the same second level domain:
www.example.com, w1.example.com, secure.example.com, money.example.com, trash.example.com
Wildcards can also have more than three fields, such as: *.*.domain.com or *.*.*.*.*.domain.com. If you are running IIS 5.0, you cannot get a multi-asterisk wildcard. You can only get a single asterisk wildcard.
Dynamic DNS Hosts
Third-party SSL certificates cannot be used for Dynamic DNS hosts, including the certificates we offer. You may use self-signed certificates for Dynamic DNS hosts. If you need the security of our certificates for business transactions or corporate use, you may wish to create your own domain registration and DNS service and purchase SSL certificates for your new domain.