AutoDNS users have access to one of the largest TLS/SSL & S/MIME portfolios on the market. Use the SSL Wizard to find the right certificate for each project. SSL resellers can purchase all products via API or even implement their own CA accreditation.
You are already an SSL reseller or would like to become one? You need a wide range of certifcates for your projects?
Benefit from our SSL Reseller Program. We offer excellent B2B conditions and a white-label SSL management platform with API access.
Our Partner Managers will work with you to draw up an individual reselling strategy for your business.
Absolutely. Due to current browser regulations, websites no longer resolve if a valid TLS/SSL certificate is not installed. However, you do not need a separate certificate for each domain. You can secure several domains with a multi-domain certificate.
In order to protect several subdomains, we recommend a wildcard certificate which secures all subrecords under one FQDN.
InterNetX is accredited directly at all international certificate authorities (CAs) like DigiCert, GeoTrust, GlobalSign, Sectigo and Thawte. This allows us to offer you a wide range of different certificates with diverse features and options (SAN, wildcard, Multi-year Plan) which can be acquired via AutoDNS.
The best choice of certificate always depends on which medium requires protection, signature and encryption: a website (with or without subdomains or multidomains), emails, code or documents. In order to help our customers find the best product in our certificate portfolio, we have developed the SSL Wizard, which can be used in AutoDNS. It recommends the best certificate for your business needs based on the data you specify. Certificates can be ordered directly in AutoDNS.
Basically, the certificates differ with regard to the security level that is guaranteed by the varying intensity of validation processes undertaken by the certification authority (CA).
There are three types of TLS/SSL certificates:
The domain validation is carried out via a TXT in the domain zone, a file auth entry or through confirmation of the email sent by the CA.
With organization validation, the domain is also validated as with DV certificates. Additionally, the CA also checks the organization applying for the certificate. This is carried out by using public resources such as the commercial register. Further checks are undertaken by calling the organization. To do this, relevant telephone numbers are found by checking public registries.
With extended validation, the domain and organization are validated according to the processes described above. Over and above this, the specified administrative contact is also verified through an email authentication process.
Domain validation is carried out within a few minutes. It can be done directly after ordering the certificate, either via a TXT entry in the domain zone, a file auth entry or via email confirmation.
The validation of OV certificates usually takes 1 - 2 working days as not only the domain, but also the organization itself must be validated.
EV certificates are generally issued within 2 - 5 working days. The domain, the organization and the administrative contact are verified, a process requiring more time.
Yes, organization validation or extended validation always takes place after 397 days at the latest, regardless of the term selected in the Multi-year Plan.
A reissue is a new issuance or update of an existing certificate. Reissuing certificates may be required if the server changes and a new CSR key (private key) is needed or if the private key is lost. The reissue is free of charge. The certificate term and other date relating to the certificate are not changed during a reissue. However, it is possible to specify a new CSR or to extend the term if the certificate was ordered with a Multi-year Plan.
By creating a CSR, a unique key pair (public/private) is generated for the certificate. A CSR is usually created on a web server, but can also be created directly in AutoDNS. It is the most important component for ordering a TLS/SSL certificate. An order can only be sent to the certification authority with the CSR.
TLS/SSL, S/MIME and code signing certificates are limited to a regular validity period of 12 months. However, a longer validity period can optionally be selected when ordering with a Multi-Year Plan.
The maximum validity periods depend on the kind of certificate and the provider
A short overview:
TLS/SSL: regular 12 months
S/MIME: max. 36 months (from April 2022 max. 24 months)
Code signing: max. 36 months
With the Multi-year Plan, longer validity periods (up to 72 months) can be selected for TLS/SSL certificates. A reissue at the actual expiry date - i.e. after 12 months - extends the certificate by a further 12 months until the Multi-year Plan for this certificate has been exhausted.
After the maximum term of 397 days, a revalidation for further extension is mandatory in order to continue to meet all security guidelines as set out by the CA/B forum.
With AutoDNS, InterNetX enables the management and reselling of all encryption products (TLS/SSL, S/MIME and code signing certificates) in addition to domains in a single interface.
Do you have questions about the validation or implementation of certificates? Or do you want to conquer the market as an SSL reseller? Take advantage of the immense benefits we can offer you as a leading ISP. We will be happy to advise you.