While setting up or re-issuing a SSL certificate, a Certificate Signing Request (CSR) must be generated by the host to pass information between the Certificate Authority and web host. Here are tips for generating a valid CSR:
- The domain has to exactly match the SSL certificate. If you purchased a wildcard, it would look like this: *.domain.com . If the SSL just covers the main domain it would look like this: www.domain.com If the SSL covers a subdomain it would look like this: subdomain.domain.com
- A key of 2048 works best for Encryption Everywhere SSLs and most other SSLs Name.com provides.
- Be sure the contact information is valid and complete.
- Use a CSR checker like this one to make sure you meet the requirements of a valid CSR: https://ssltools.digicert.com/checker/views/csrCheck.jsp
- SSLs can only be renewed a month before they expire, and they cannot be renewed if they have not been set up.
- You can only use one SSL on a domain or subdomain at a time.