Should I include "www." in the common name or not?
Most certificates are used for public websites. These websites are commonly reachable via both www.domainname.com as well as just domainname.com. A certificate will only include a single hostname, the value that you insert into the common name of the CSR. This means that a certificate ordered for domainname.com will normally not work for www.domainname.com. But the certificate authorities have implemented a method to make sure that you do not need a multi-domain certificate or multiple certificates for a single website! It does not matter if you insert the common name with www or without www, both versions will be included in the certificate. After the certificate has been delivered the certificate authorities will automatically include domainname.com or www.domainname.com as an additional name in the certificate. Be advised that if chosen hostname already contains a subdomain (for example www.domain.domainname.com, or domain.domainname.com) the issued certificate will only protect a single hostname, i.e. www.domain.domainname.com or domain.domainname.com. This is only valid for single domain certificates. This is not the case for multi-domain certificates. If you request a multi-domain ssl, you need to include both www and non-www domains in the list of domains.
Can I request an SSL certificate on an IP address instead of a domain name?
Yes, several certificates support this. All Comodo certificates can be ordered with an IP address as 'common name', as can the GeoTrust True Business ID certificate. The other certificate types can only be ordered on hostnames.
How long before the certificate expiration date can I request a renewal?
Renewal can be requested if there’s 90 days or less left before the expiration.
If I renew a certificate X days before expiration, will these days be added to the renewed certificate?
If you start the order within the last 90 days of the old SSL being active, the remaining period of the SSL certificate will be added to the new certificate.
How can I renew an expired SSL certificate?
You should request a new certificate instead.
Will certificate in my new order (for the same domain) be prolonged for days left unused in expiring certificate (for the same domain)?
No, it won't. Period will be prolonged only for certificate within the scope of an exist current order. The remaining period of the SSL certificate will be added to the new certificate only within current active order.
Can an OV/EV certificate be ordered by a private entrepreneur?
Comodo: yes*, it’s possible, but the enrolling PE has to forego a face-to-face** verification, which would require providing additional documents, filling out a verification form and mailing it directly to Comodo via postal or courier service.
* Russian PE's are eligible for OV certificates only
** If PE has passed face-to-face verification during the registration in local commercial registry, Comodo's face-to-face verification is not required
Why can’t I re-request confirmation email or change validation method of my DV certificate?
The most common reason is that your certificate has already passed the DV check - there’s no reason to change methods or send additional emails to the domain owner.
Symantec: if order is in brand validation stage CA prohibits any actions to be performed over the certificate request, including change of validation methods and sending additional emails.
Why I did not receive Sectigo (Comodo) confirmation emails while issuing certificate in test envinroment (CTE)?
Sectigo (Comodo) unlike Symantec (Digicert) does not sent such confirmations in CTE due to technical specifications. If you want us to activate your Sectigo (Comodo) certificate on CTE, please contact support.
My Comodo Wildcard certificate is issued, but I receive an error when I’m trying to open the certificate archive I've downloaded, what’s wrong?
Comodo Wildcard certificates have a “*” in the file names, which is considered a prohibited character in dafault Windows archive tool, as a result - your archivation tool returns an error. Try using free archivation tool like 7-Zip: it mitigates this problem by renaming the files containing ‘*’ automatically.
I've lost my private key, how can I get it again?
Private keys being sent to your email while you generated CSR firstly. Private keys are not stored in SSL Panel due to security reason. If you've lost a private key, the only option is to request a reissue of a certificate, generating a new CSR and public / private key pair in the process.
What will happen to the existing certificate once I've requested reissue? Will it still be valid until the new one is received?
the initial certificate will be active till its Expiration Date. So at the same time, both certificates (initial and new reissued one) are active and valid.