Greetings,

Hope someone can help with these questions:

#1
When renewing the SSL cert (with Thawte), it asks for a CSR from the server. On my Raq3i, do I just go to the SSL screen on the site and use the 'Certificate Request' area? Or is a new one generated?

#2
Thawte's renewal info advises that the State must be spelled out, however I previously used the two character initials. How did others get past this?

Thanks,

Dan

Dan,

#1 If you are a Thawte HP, you do not need to do anything with the CSR. Just log into the URL they send you for the renewal. Pay, and tell them nothing has changed. They will send you an updated cert.

If you want to change the state or any other info, you will need to delete the old cert and generate a new one.

If you are not a partner and they require the CSR, then just cut and paste the one you have. Do not generate a new one.

#2 We have been using Cobalt's since the RAQ came out and we needed to do everything with telnet. We have never been able to generate a CSR with just the two initials. That is really odd.

Followup:

I talked with Cobalt support, who advised that it is a known bug in the software and has not yet been fixed. The problem is that when I originally created the certificate last year, I used the two character State code, which at that time was permissible by Thawte. Now they require the State spelled out.

The tech tried to regerate the certificate manually but couldn't get it to work.

My next step is to contact Thawte and see if there is anything that can be done at that end.

If not, I'll have to create a new subdomain for my ssl account and register for a new cert.

Any other ideas?

Thanks

Dan

Hmm... I just look at my cert and realize I'm in the same boat (used a two-character state name)--I never knew this was "illegal" until I read this thread. The funny thing is, if you move the mouse over the question mark "help" icon, it says:
"The state in the form of the abbreviated state name. e.g. NSW for New South Wales."

So it's not just a "bug" in the software, it's bad information in the Cobalt help file. Do Equifax and Verisign require spelled-out state names, or is that a Thawte-only thing?

I certainly don't like the price that comes with the Verisign cert... that what makes the Thawte so attractive.

The Equifax seems to require some additional attention to get working, but am not clear what that is... maybe someone will help out.

I am using a Raq3i

Thanks!

The equifax cert we have was a breeze to install as long as you follow all of the instructions on their site. The trick is naming the secondary file in the /home/sites/home/certs directory either "ca" or "equifaxca2". Equifax is by far the cheapest solution, especially if you partner with them. We got our cert for $68!!!