How to Change SSL Certificate Providers

Something we get asked a lot is how one would go about changing SSL providers or certificate authorities (CAs). We get it — SSL replacement seems like a pretty challenging task, but it’s really not.

Basically, you just replace the SSL certificate you were using with one from the new certificate authority you’ve chosen. People change CAs all the time. In fact, that’s one of the most common things we help businesses and website with. There are all kinds of reasons to switch CAs.

  • Pricing
  • Product selection
  • Customer service
  • Lack of faith in the CA
  • CA distrust issues

So, How DO You Change SSL Certificate Providers?

Fortunately, changing isn’t difficult. You go through the process just like you normally would:

Bear in mind that you’ll need to furnish validation information with your new CA and undergo the process again. CAs can reuse validation information for up to 27 months. However, because CAs don’t share information, you’ll need to allow time for validation to complete.

There are also considerations if you’re using automation. This is especially the case if you’re using an automated certificate management environment (ACME) or a third-party certificate management solution. You’ll need to go into your configurations and have your server start making calls to your new CA. The way to do this varies by platform, but in general you want to make sure you’re not still getting certificate issued by the old CA.

What Else Should I Worry About When Changing SSL Certificate Providers?

You may also want to consider updating your certificate authority authorization (CAA) records to block the CA you’ve left from issuing any more certificates for your domains.

If you decide to change ssl certificate providers, the important thing is not to overthink it. SSL certificates were designed to be swapped out regularly — regardless where you get them from.

If you’re interested in switching, take a look at a curated selection of our most popular products. We guarantee our prices are the lowest you’ll find anywhere on the internet. If you do find a lower price, show us and we’ll match or beat it — depending on how generous we’re feeling that day.

Switch to a New SSL Certificate Provider & Save Up to 88%!

No matter whether you’re looking for DV, OV, or EV SSL Certificates, we’ve got the best selection at the best prices — period. Change SSL certificates now — we offer DV SSL certificates starting as low as $5.88 per year!

Shop Our Selection of SSL Certificates and Save Up to 88%

Free Multi Domain SSL Certificate — Is it Really Possible?

Is a free multi domain SSL certificate really possible? Sure. Almost anything is possible. Maybe a certificate authority (CA) will be visited by a trio of ghosts one Christmas Eve and then awaken to throw its windows open and announce itself reformed. Maybe he’ll even buy a turkey and bring it to your house, dote on your son who has a disability, and give you a raise.

Wouldn’t that be nice?

Now, let’s return to Earth and remember capitalism — you know, the whole money-making deal — and move beyond such wishful thinking. No. You cannot get a free multi domain SSL certificate. You can get free single domain SSL certificates, which you can then install on each website individually. But that means a lot of PKI certificate management work on your side to try to keep them all straight.

Just being realistic, though, the CA industry is not going to sanction your thriftiness and let you encrypt your entire portfolio of websites using a single free multi domain SSL certificate.

Why You No Free Multi Domain SSL Certificate?!

No, all kidding aside, it’s just too much work to validate a multi domain SSL certificate without for free. As with everything else in life, there are expenses associated with validation and the issuance of certificates — and this isn’t something that can be offered for free realistically.

We do have some good news, though. While we’re not going to give you a free multi-domain SSL certificate, we will provide you with a selection of the lowest priced multi-domain SSL certificates you’ll find on the internet. We buy these certificates from the CAs in bulk at incredibly low prices and then flip them at razor-thin margins to ensure you get the best prices anywhere.

So, long story short: No, you can’t have a free multi domain SSL certificate, but we can sell you the internet’s cheapest multi domain SSL certificate.

Don’t believe us? Here, take a look for yourself:

Purchase a Multi Domain SSL Certificate and Save Up to 89%

We offer the best discount on all types of Multi Domain SSL Certificates. Our offerings include Comodo Positive Multi Domain SSL Certificates, which start for as little as $18.68 per year.

Shop Multi Domain SSL Certificates and Save Up to 89%

What is SSL Client Certificate Authentication and How Does It Work?

Did you know that SSL can be used for both client authentication as well as server authentication? And what is SSL client certificate authentication to begin with?

When most people refer to SSL certificates and the authentication they provide, it’s done in the context of server SSL certificates — not client authentication. This is an important to note because the vast majority of SSL certificates that are used are server certificates. When a client arrives at a website, the server presents its certificate and the client performs an authentication to verify the identity of the certificate’s owner.

Read More

What is HTTP Public Key Pinning and Why It’s Not Good to Practice

In the annals of bad human ideas, HTTP public key pinning, or what’s more commonly known as HPKP, ranks right up there with spray-on hair and two-in-one toilet/bidets. Without straying too far into the proverbial weeds, we’re going to lay out why you definitely shouldn’t be pinning your keys in this blog post.

And to be clear — just in case you don’t read past this sentence — don’t pin your keys. Simply put, HPKP is a terrible idea, and it’s more likely to break your website than lead to any meaningful improvement in security! Even Google agrees.

Read More

What an SSL Common Name Wildcard Error Is and How to Fix It

Having wildcard(*) SSL certificate in common name (CN) issues? Here’s what you can do about it

Are you having issues with your wildcard SSL certificate, or have you seen a message akin to “WILDCARD(*) SSL CERTIFICATE IN COMMON NAME (CN)?” The second half of this question is actually a fairly misleading one because it’s a hyper-specific error that is really just a variant of a more common wildcard SSL error. So, if you have a wildcard SSL certificate installed on your server and you’re running into this issue, keep reading.

Read More

Why Is My Wildcard SSL Not Working on a Second Level Subdomain?

An In-Depth Look at Why a Wildcard SSL Certificate Causes a Domain Mismatch Error on a Second Level Subdomain

We know, you’re here because your wildcard SSL is not working on a second level subdomain for some reason. To help you understand why, we first need to tell you a bit about wildcard SSL certificates and what they do and don’t secure. The digital certificate industry is, at times, needlessly opaque about what its products actually do. The wildcard is one of the biggest offenders. It’s often marketed as securing “unlimited subdomains.” And that’s partially true — with one important caveat:

Read More

HostGator Wildcard SSL: How to Install a Wildcard SSL Certificate on HostGator

HostGator is a popular hosting platform (with an unfortunate mascot). Wildcard SSL certificates are X.509 digital certificates designed to encrypt sub-domains. Sometimes the two meet and one gets installed on the other. Maybe this is what you’re trying to do with what you might refer to as a “HostGator wildcard SSL certificate.”

Read More

How to Install a Wildcard SSL certificate on NGINX

Yeah, you’re here because you want to know how to install a wildcard SSL certificate on your NGINX server. You’re not the first person to ask, nor are you likely to be the last. After all, NGINX is one of the most popular servers in use, and wildcard SSL certificates are great because they help you secure one domain and all of its first-level sub-domains. Add this together, and it means that sometimes people install wildcard SSL certificates on NGINX.

Read More

What is a SAN Certificate and How Does It Work to Secure My Site?

We’ll break down what is SAN is SSL and why it matters to your organization

SANs. Hardly anyone seems to love acronyms as much as IT and infosec professionals. Well, except maybe government or medical professionals… but, you get the point. However, what is SAN in SSL? You’re likely here because you’re wondering “what is a SAN certificate” and how is it useful? Well, you’ve come to the right place for an answer. This is kind of our area, after all.

Read More

How to Install a Wildcard SSL Certificate on IIS 7 and IIS 8

Your guide on how to effectively install a wildcard SSL certificate on your Microsoft server

Needing to know how to install a wildcard SSL certificate on IIS but aren’t sure where to start? No worries. We’ve got you covered. Heck, we’ve even included some screenshots of the steps to help you along the way. We’re no strangers to this process — we’ve even written other resources such as how to install wildcard SSL certificates on multiple servers.

Read More