If you are thinking about adding an SSL certificate to your Shift4Shop store, there are certain considerations you should make beforehand to help make the process as seamless as possible for your business.
First Time SSL Purchase/Installation
Back to top
If this is your first ever SSL certificate, it might help to understand the steps involved, and be aware of what to expect.
The basic process of ordering and installing an SSL certificate first involves creating a Certificate Signing Request (CSR) which is a specially encoded request from your hosting solution (in this case - Shift4Shop) to the Certificate Authority who generates the actual SSL Certificate file. The CSR contains identifying information about the domain (name, organization, location, etc) which is then used to encrypt the the SSL that will ultimately be installed to your site.
During the creation of your domain's SSL certificate, certain validation methods are used to verify, approve, and issue the SSL. Therefore there are certain conditions that first need to be met.
The actual installation of the SSL certificate will ultimately be handled by Shift4Shop. Once the SSL certificate is issued, the installation process is fairly quick. However, the validation needed to get the SSL certificate issued takes a bit of time and planning and is therefore the main purpose behind this article.
Review your Domain's WHOIS Information
Back to top
One of the main ways the SSL Certificate Authority will verify you as the domain owner is by emailing the confirmation and approval emails to the domain's Administrative and/or Technical contacts on the domain's registration. Therefore, please make sure you have access to and can retrieve messages sent to either of these email addresses.
Before ordering an SSL certificate, be sure to perform a WHOIS of your domain and review the applicable contact information for the domain's registration. If the Administrative an/or Technical Contact emails are not accessbile to you, you may need to review or update your domain registration information
Some SSL certificates that offer Extended Validation (EV) go as far as requiring that your WHOIS information is made public. Therefore, if you have your domain's WHOIS set to private, you will need to change this before proceeding with your EV SSL order.
Alternate Validation Email Addresses
Back to top
In some cases, you may have purchased your domain through a reseller such as a previous hosting provider or other domain registration services. Unfortunately, this means that your domain's administrative contact email address may not be you specifically so you may need consider alternative verification methods which may hinder the SSL ordering process.
Fortunately, SSL Certificate authorities will allow the use of specific email addresses @yourdomain to act as the verification email address used. For SSL certificates ordered through Shift4Shop, you can use any of the following email address variants on your domain for this purpose:
Please be sure to create at least one of these email address variants on your domain to faciliate this part of the process.
If you are ordering an SSL for your sub-domain, the email used will still be for the top-level domain. In other words, if your Shift4Shop store is something like store.yourdomain.com, we will generate the CSR for the sub-level as needed; but the verification emails will be sent to [email protected] rather than [email protected]. So please be sure to create the required emails on the appropriate domain name.
Also, when creating your email addresses on the domain, be sure to test them and ensure you have access to the email box(es) before proceeding with your order.
Please note that if your domain's MX information is not with Shift4Shop, we will not be able to assist in creating the approval email addresses, since we would not have access to your mail service in these cases.
Extended Validation Certificates
Back to top
The SSL Certificate you ordered from us may be one of the Extended Validation (EV) certificates. These are special types of SSL Certificate that offer better encryption and provide your shoppers with more peace of mind about your business. These types of SSL Certificates are called "extended validation" because the verification process is a bit more involved than the regular validation methods described above.
Therefore, before ordering your Extended Validation SSL Certificate, please familiarize yourself with the specific Validation Requirements that will be needed.
As an example, please review the Validation Requirements necessary for GeoTrust EV Certificates by clicking here to better understand some of the validation requirements that may be needed.
Typically, SSL Certificates are issued for a specific timeframe. For the most part, 1 year or more depending on the frequency set when you purchased it. After this set time frame ends, the SSL certificate expires.
Shift4Shop does not offer auto-renewal services for SSL Certificates purchased through us, so please be aware of your certificate's expiration date so you can order the renewal in time.
When requesting a renewal of your SSL, it's important to note that your renewal certificate's validity period begins at the moment that the old certificate expires, so there's no need to wait for the last minute to order your new certificate. In other words, you're not going to lose any validity time by ordering/installig the new certificate early. Due to the various validation and installation requirements that need to be met in installing any SSL certificate, it is best to start the renewal process early to avod interruptions.
In some cases you may wish to transfer an SSL to Shift4Shop from a 3rd party service. Perhaps it's a still valid SSL from your previous hosting service, or it might be an SSL Certificate purchased through a service other than Shift4Shop. If this is the case, you may order the service by clicking here.
Transferring an SSL to Shift4Shop will incur an installation fee. This applies for any SSL certificate that is not purchased through Shift4Shop; even if it is from one of our current SSL partners (Verisign, GeoTrust, or RapidSSL). If you purchase the SSL from them directly and wish to add it to your Shift4Shop store, installation charges will apply. Please click here for ordering information on our 3rd party SSL installation service.