Discussions / FAQs

Ask a Question
ANSWERED

Can I get an EV SSL Wildcard Certificate?

Due to strict validation requirements set down by all Certificate Authorities wildcard EV certificates are not available from any provider. You can obtain [EV Multi-Domain SSL certificates](https://www.servertastic.com/ssl-multi-domain).
ANSWERED

I need a certificate with CA=True or KeyUsage=CertSign

The above key constraints mean that the certificate is allowed to issue signed certificates. It is not possible to purchase a publicly trusted certificate with these constraints from any Certificate Authority. If such a certificate were issued it would be possible to sign an end-entity certificate for any domain and it automatically be trusted by browsers. This creates a significant security risk as the owner of such a certificate could simply just issue a certificate for google.com or paypal.com and inspect all traffic between the user and the server. The main reason for requiring such a certificate is to install on a firewall type device that performs deep packet inspection. This is essentially performing a Man-in-the-Middle attack on the end user using the firewall by breaking end-to-end encryption for that user. The only option is to create a self-signed certificate with these key constraints and then add it as a trusted certificate on all the end user devices connecting through the firewall either via a group policy or asking the end users to install the certificate.
ANSWERED

Why is my certificate is only valid for 1 year but I purchased for multiple years?

Due to changes implemented by the CA Browser Forum certificates can only have a maximum validity period of 397 days to be trusted by browsers. You can reissue your certificate multiple times during the life of your certificate plan to obtain the full validity. For more information please see our guide on [Multi-Year HTTPS Certificates](https://docs.servertastic.com/docs/multi-year-https-certificates)
ANSWERED

Convert Private Key to RSA format

ANSWERED

How do I convert a PEM to PFX?

ANSWERED

CSR does not contain a wildcard domain as expected

ANSWERED

SSL Certificate does not work on Parallels Panel (Plesk)?

Once you have installed the certificate in Parallels Panel you need to then assign it to a web site. While managing your domain click `Websites & Domains > Show Advanced Operations > Website Scripting and Security` Tick the box `Enable SSL support` then from the drop down select the correct SSL certificate.
ANSWERED

How to remove my saved card details?

ANSWERED

How do I change my Servertastic account email address?