SSL Certificate FAQ
    A: The SSL (Secure Socket Layer) protocol is the web standard for encrypting communications between users and websites. Data sent via an SSL connection is protected by encryption, a mechanism that prevents eavesdropping and tampering with any transmitted data. SSL provides businesses and consumers with the confidence that private data sent to a web site, such as credit card numbers, are kept confidential.
    A: Applicants need to have a domain name and a dedicated IP for their website in order to setup the SSL to their website.
    A: Depends on which product the applicants select, they can get a DV SSL Certificate within a couple of hours if they need it right away. Some products (OV, EV) require documentation to be provided for verification, therefore it takes longer processing time for verification process.
    A: Yes, you may cancel the SSL certificate after is has been issued. Refund is only available if the SSL certificate is cancelled within 30 days from the issuing date.

    A: Because of strong validation is a need for the continuing growth of online business, therefore both that the applicant owns, or has legal right to use, the domain name featured in the application and secondly that the applicant is a legitimate and legally accountable entity should be validated before issuing a certificate. Thus, we need to have access to documentation which verifies these two factors in order to complete the validation.
    A: The new gTLDs (genericTop Level Domains) is the new domain name extensions that will come into the Internet world in the form of generic term. As part of ICANN’s new program, the number of gTLDs will expand from two dozen to over 1,300 new names.

    SSL providers have previously approved certificates for common names / SANs which included some of these new gTLDs, which was used as internal server names / intranets at that time.

    With the approval of a new gTLD, a once-internal-name may now actually be a registeredor available domain name. Existing certificates may contain domain names which certificate owners are suddenly unauthorized to use, even if the certificates are used internally-only in their environment. As such, SSL providers will revoke these certificates. Certificate owners will be required to request for a new certificate to replace the existing one.