How do I activate a Multi-Domain SSL certificate?

Once a Multi-Domain (MDC) SSL certificate was purchased, the process of its activation should be completed. In order to activate a newly purchased multi-domain certificate, you will need to have a CSR (Certificate Signing Request) code generated on your server. You can either do it yourself (all necessary guides can be found here) or ask your hosting provider to do it for you. The CSR code for a multi-domain SSL certificate can be generated for the primary domain (used as the "Common Name") only, as all additional domains (Subject Alternative Names, also called SANs) can be specified right in your Namecheap account during the certificate activation. You can also generate a CSR code along with SANs on your server.

  • Make sure you save and locate the RSA Private key that was generated along with the CSR on your server, as it will be required for further installation.
  • We would also recommend asking your hosting provider about the server type (software used on your server for CSR generation) as this information will be useful during the installation process.
  • If you are using Namecheap hosting services, you can refer to this guide to get the CSR generated.
  • Keep in mind that SSL Certificates cannot be issued for domains considered unsafe by Google Safe Browsing. All unsafe domains will automatically be removed from Multi-Domain SSL certificates by Comodo (now Sectigo). Check Safe Browsing site status here.

Once you have a CSR code, log into your Namecheap account to start the activation process.

  1. Hover your mouse over the username located in the left corner of the page and select Dashboard:


  2. Your SSL can be located in the SSL Certificates tab. Click Activate next to the certificate in question:

  3. Copy and paste your CSR code including -----BEGIN CERTIFICATE REQUEST----- and -----END CERTIFICATE REQUEST----- tags into the corresponding field:

    mdcact2

    The common name of the certificate (Primary Domain) will be filled in automatically.

    Note that www and non-www versions of one website are considered as two different hostnames, so if you would like to secure both www and non-www versions of one website, it will be necessary to specify both of them in the list of SANs.

    You will also have an opportunity to specify SANs (Subject Alternative Names - additional domains you would like to secure) by clicking Buy more domain seats button or on Product List prior to initiating activation:

    If you generated the CSR along with SANs, they will be fetched automatically just as the primary domain.

  4. If you click on this button, the following page will appear:

    multi8

    Here you can add SANs and proceed to checkout.

    Please keep in mind that it is necessary to pay extra for every SAN (add-on domain) you would like to add to your multi-domain certificate.

  5. If you skip this step, after clicking Next, you will be prompted to select the Domain Control Validation (DCV) method for all domains in the certificate.

    There will be the following choices: CNAME-based, file-based and email-based.

    • Add CNAME record - involves creating a specific CNAME record in the domain DNS.
    • Upload a validation file - requires to put a specific file on the hosting server for the website.
    • Receive an email - requires receiving and confirming the approval email that is sent to one of domain-related email addresses from the given list (a generic emails admin@, administrator@, postmaster@, webmaster@, hostmaster@).

    Note: If you have activated the certificate with domain.com or www.domain.com indicated as FQDN (Fully Qualified Domain Name) in your CSR code, please make sure that the file is available via http://domain.com/.well-known/pki-validation/file.txt. In this case, www.domain.com is considered to be under your control as well.
    Content of the file shouldn't be changed in any way, as Comodo (now Sectigo) validation system is case sensitive.

    You can find more information about DCV methods here.

    It is possible to either use different method for each domain name (subdomain), or check the corresponding option to use the same method for all of them.

    Note: In order to have a multi-domain certificate validated and issued, it is necessary to complete the validation process for every SAN separately (receive the approval emails, upload the activation file to the root directory of every website, create the CNAME record for every domain name and/or subdomain included to the certificate).

    Once the DCV methods are chosen for all domain names, you can move forward by clicking Next.

  6. Enter email address you would like to receive SSL certificate to and proceed further.
  7. Note: Administrative contact email cannot be changed after the activation is done, however, issued SSL can always be downloaded from the Namecheap account.

    In case Organization (OV) or Extended Validation (EV) certificate is activated, you will be asked to submit company contact information:

    newact4_1

    Note: The Representative section is listed only for OV certificates. For EV orders, the aforementioned section is not required.

    Note: Please keep in mind that changes to the company details for OV/EV certificates can be made during reissue, but only within the first 45 days of certificate issuance.

  8. Once all required fields are filled in, click Next to move onward.
  9. Review information and click Submit to confirm your certificate request.

  10. mdcact7

    You will be taken to the page where you can check the details regarding your certificate (Validity period, Validation level, Certificate Authority ID, Namecheap Order ID and number of the domains to be secured with the certificate in question):

    From here you can change the validation method by following the "from this page Edit methods" link and clicking the Edit methods button on the next page:

    You can resend the approval email/download the activation file/get the corresponding values for the CNAME record by clicking on the small arrow next to Edit Methods option:

    newact7

    multi22

    DNSrecmulti

    It usually takes 10-15 minutes to deliver the approval email. You will need to enter the validation code into the corresponding field (the code can be found in the same email).
    Here is an example of the approval email sent by Comodo (now Sectigo) for email-based validation:

    multi24

    File- and CNAME-based validation may take longer, as these processes are fully automated and checks are performed on the side of the Certificate Authority over a certain period of time.

    If validation fails, make sure that the file is uploaded/CNAME is set up correctly and accessible all over the world.

    Once the email is received/file or record is accessible, and the DCV process is completed, your DV (Domain Validation) SSL certificate will be emailed to the administrative contact email address mentioned during the activation.

    As for Organization Validation (OV) and Extended Validation (EV) SSL certificates, DCV should be completed prior to the documents submission. The list of the documents required for further validation depending on the type of the certificate will be emailed to you as well.
    You can also find the requirements of Comodo CA (now Sectigo CA) for OV and EV certificates validation here.

    Should you have any questions, please do not hesitate to contact our SSL Support Team via Live Chat or ticket system.

Updated
Viewed
44575 times

Need help? We're always here for you.

notmyip