SSL Certificate Managed PKI Personal ID MyTRUST MyKAD ID SSL VPN Managed Security Services VeriSign Certified Training Application Development
WhitePapers PKI Glosary Brochures

 

  Support - SSL Server ID Enrollment Guide
 

 

Step 1: Confirm Domain

Step 2: Obtain Proof of Right

Step 3: Generate CSR

Step 4: Submit CSR

 

Step 5: Complete Application

Step 6: Wait for Processing

Step 7: Install your ID

 

Step 1: Confirm Domain

MSCTrustgate.com can only issue SSL Server IDs to the registered owner of a domain name. For example, if you want to obtain a SSL Server ID for www.verisign.com, you must be an employee of the organization that owns the domain verisign.com.

Domain names are registered with organizations known as NICs. To verify ownership of your domain name, please click on one of the links below to use the "whois" services of your local NIC. Simply enter your domain name when prompted. The name of the registered owner of the domain name will be displayed.

  • Network Solution's InterNIC
    (most US domains, as well as .com, .edu., .org, .net)
  • Australia (.au)
  • Brazil (.br)
  • Canada (.ca)
  • France (.fr)
  • Germany (.de)
  • Italy (.it)
  • Japan (.jp)
  • Korea (.kr)
  • Mexico (.mx)
  • United Kingdom (.uk)
  • US Government (.gov)

 

  return to the top
 
Step 2: Obtain Proof of Right

MSCTrustgate.com can only issue a SSL Server ID after establishing that your organization is legitimate, and is registered with the proper government authorities.

We require the following documents: 

Proof of Right to Use Name - These documents are necessary to ensure that you, as an organisation, have legal use of the Organisational Name within the Distinguished Name field of 
the certificate request. This document can be in the form of a Business License or Certificate of Business Registration with some level of your local/national government. 

Examples of proper forms are: 

* Business License (Form 9 for Malaysian and Singaporean Company) accompanied by Form 13 if Organization name has been changed 
* Articles of Incorporation 
* Partnership Papers 
* Charter Documentation 
* Certificate of Incorporation 


NOTE 
**** 
For state level: letter of incorporation, or partnership 
papers. 

For city/locality level: business license, or partnership 
papers. 

For Universities: A notarized letter from the office 
of the Dean

For International customers: The proof of right documentation must be provided in English. For non-english speaking countries, the Proof of Right documentation must be translated into English by registered translator. Translated documents must be signed, dated and stamped by a notary to confirm that they were translated by a registered translator. 

*Please ensure that all copies are certified as a true copy before faxing to us.


 

 

  return to the top
 
Step 3: Generate CSR

Follow the instructions that came with your server software to generate a keypair and a Certificate Signing Request (CSR). Key generation is the creation of the server's private and public keys. It is closely associated with the Digital ID request because the CSR includes a copy of the public key. If your software asks you for an email address, use your own. You can then use the CSR your server emails to you.

We support the following servers:

  • Netscape Commerce
  • Netscape Enterprise
  • Internet Factory
  • Microsoft IIS
  • Stronghold
  • O'Reilly Server version 2.0

Note: For Microsoft IIS Users
If you are generating a CSR, be sure to use a password that is no more than 8 characters long. Also, please do not use any special keys, such as (~!@#$%^&*()__{}|:"<>?), in your password.

IMPORTANT: Make a backup copy of your key pair and password and store them securely. This is a vital step as a precaution against overwriting, deleting, or corrupting the file. MSCTrustgate.com can not recover your Digital ID without the private key and password. If you lose your key pair or password, you will have to generate a new key pair and enroll (and pay) for a new SSL Server ID. Unauthorized access to your private key constitutes total compromise of your server's security. Tips for Your Distinguished Name
When you generate your CSR, you will be asked to enter your server's distinguished name. Distinguished names uniquely identify individual servers, and contain the following information.
Common Name: Also known as the URL, the common name is the fully qualified domain name used for DNS lookups of your server (such as www.bookstore.com). This information is used by browsers to identify your web site. If you change your hostname, you will need to request another Digital ID. Client browsers connecting to your host will check for a match between your Digital ID's common name and your URL. You cannot use wildcards (*, ?, and so on), IP addresses, or Port numbers in this field. Please do not include the "http:// or https://" in your common name. Organization or Company: This should be the organization that owns the domain name, as determined in Step 1. The organization name (corporation, limited partnership, university, or government agency) must be registered with some authority at the national, state, or city level. Use the legal name under which your organization is registered. Please do not abbreviate or use any of these symbols ! @ # $ % ^ * ( ) ~ ? > < / \. Organizational Unit: You can use this optional field to differentiate between divisions within an organization, for example, "Electronic Commerce Pilot" or "Human Resources". If your organization is doing business as ("dba") a trade name, you may specify the trade or dba name in this field. City/Locality: Optional in most situations. This field usually denotes the city in which the organization is located. Do not use abbreviations. For example, spell "Saint Louis", instead of "St. Louis". If the organization is registered locally only, for example by virtue of having a business license registered with the City Clerk, the Locality/City field must contain the name of the city where registered. In this case, the State/Province field is Srequired. International customers must enter either a City/Locality or a State/Province. State/Province: U.S. and Canadian customers must enter a State or Province name. Do not abbreviate. In the United States, if your organization is incorporated in, say, the state of Delaware, but is operating within California, use California. International customers must enter either a State/Province or a City/Locality. Do not abbreviate.

Country: This is the 2-character ISO format country code. For example, GB is the valid code for Great Britain, and US is the valid code for the United States.

 

 

  return to the top
 
Step 4: Submit CSR

After creating your CSR, open the file (or email) using a text editor such as Notepad, copy the CSR, and paste it into MSCTrustgate.com's online enrollment form. A CSR looks like this:

-----BEGIN NEW CERTIFICATE REQUEST-----
MIIBJTCB0AIBADBtMQswCQYDVQQGEwJVUzEQMA4GA1UEChs4lBMHQ
XJpem9uYTENA1UEBxMETWVzYTEfMB0GA1UEChMWTWVs3XbnzYSBDb
21tdW5pdHkgQ29sbGVnZTEA1UEAxMTd3d3Lm1jLm1hcmljb3BhLmV
kdTBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQDRNU6xslWjG41163gA
rsj/P108sFmjkjzMuUUFYbmtZX4RFxf/U7cZZdMagz4IMmY0F9cdp
DLTAutULTsZKDcLAgEDoAAwDQYJKoZIhvcNAQEEBQADQQAjIFpTLg
fmBVhc9SQaip5SFNXtzAmhYzvJkt5JJ4X2r7VJYG3J0vauJ5VkjXz
9aevJ8dzx37ir3P4XpZ+NFxK1R=

-----END NEW CERTIFICATE REQUEST-----

 

 

  return to the top
 
Step 5: Complete Application

Verify Your Distinguished Name: If any of the information is wrong, please generate a new CSR with the appropriate information.

Enter Your Digital ID information: Choose Your Server Software Vendor from the list. If you do not see your server software listed, please return to the list of servers and make sure to click on the correct icon.

Enter a Challenge Phrase: That will be easy for you to remember and hard for someone else to guess. You will need this phrase later if you need to revoke your Digital ID.

Enter the Names and Contact Information: For three people MSCTrustgate.com's Digital ID Center can contact regarding your SSL Server Digital ID.

  • Technical Contact - Must be authorized to run and maintain your secure web server, and must be employed by your organization. If you receive your web access through an Internet Service Provider (ISP), they need to complete our ISP online enrollment for you.
  • Organizational Contact - Must be employed by your organization. They must be authorized to make a binding agreement to the Secure Server Service Agreement for your organization. This should be a different person than the Technical Contact.
  • Billing Contact - Will receive invoices. You can choose Same As Technical Contact or Same as Organizational Contact, if the contacts are the same. In this case, you do not need to fill in the information for the Billing Contact.

Payment Information: Choose whether you are buying a new, additional, or renewal Digital ID. A VeriSign employee will later confirm that you have chosen the correct option. Choose How You Want to Pay for Your Digital ID:

  • Credit Card - Choose the type of credit card you wish to use, and enter the credit card number in the provided field. Choose the expiration month and year from the pull-down menu, and enter the card holder's name.
  • Purchase Order - If you pay by purchase order, please enter your purchase order number in the enrollment form. The Digital ID center cannot process your request until a hard copy of the purchase order is faxed to: (630) 8318-1800. Please make sure to reference your common name (e.g. www.bookstore.com) on the fax cover sheet.
  • Check - If you pay by check, please enter your check number in the enrollment form. All checks must be drawn on a US bank and in US funds. The Digital ID Center cannot process your Digital ID until we receive your check mailed to:

    Digital ID Center
    MSCTrustgate.com SDN BHD
    Belatok Block, Cyberview Garden
    Cyberjaya, 63000
    Selangor, Malaysia

Please make sure to reference your common name (e.g. www.bookstore.com) on the fax cover sheet.

Read the Secure Server Service Agreement: All MSCTrustgate SSL Server Digital IDs are covered by the Secure Server Service Agreement. Please read the agreement carefully and click Accept only if you agree to the terms and conditions of this agreement, otherwise click Decline.

 

 

  return to the top
 
Step 6: Wait for Processing

MSCTrustgate.com  employees will now examine the information that you have submitted. If all the information you entered is correct, we should have all we need to authenticate and issue your SSL Server Digital ID in 3-5 working days.

Your Technical and Organizational Contacts will receive an email message confirming your enrollment. The message will include a PIN an a URL where you can use that PIN to check on the status of your Digital ID request. If you do not receive this e-mail within 2 hours of submitting your order, please reapply.

 

 

  return to the top
 
Step 7: Install your ID

When your Digital ID is approved, we will send it to your Technical and Organizational Contacts by email. When you receive your Digital ID, make a backup copy of it and store it on a labeled floppy disk, noting the date you received it. Store the floppy in a secure place. To install your Digital ID, follow the instructions in your web server documentation.

 

 

  return to the top