Question 1

How to install Root & Intermediate CA Certificates on Android?

Accepted Answer

On Android 11+, to install a CA certificate, users need to manually install the certificate through device settings, as automatic installation is restricted.

Question 2

How to get SSL certificate for an IP address, server name, or localhost?

Accepted Answer

Single-domain and Multi-Domain certificates allow one to get SSL certificates for internal or external IP Addresses, Server Names, and localhosts.

Question 3

Why am I getting an error, even after installation of Root Certificates on the Client PC?

Accepted Answer

This sometimes happens due to Antivirus or End Point Security software. They don’t trust non-public Root Certificates and tell the browser that the Intranet Root Certificate is not trusted.

Question 4

How to create CSR with SAN values using OpenSSL?

Accepted Answer

For creating CSR with SAN values (X.509 v3 Extension) it’s important to create a configuration file with the required certificate details. Execute following command in openssl.

Question 5

Can you provide technical details of SecureNT Intranet SSL certificates?

Accepted Answer

Certificates are issued by default with RSA Encryption, 2048 bit Key Size, and Sha256 Hash Algorithm. The Root Certificate chain is from Secure Network Traffic

Question 6

Are SecureNT Root Certificates trusted by the browsers?

Accepted Answer

Intranet SSL certificate’s root certificate chain is not trusted by default on popular browsers like Chrome, Edge, Internet Explorer, Safari, Firefox, etc. This means that unless certain steps are taken, a client PC will get a “certificate not trusted” error when accessing a website hosted on a server with Intranet SSL.

Question 7

How to install Intranet SSL Certificate on Tomcat or JBoss?

Accepted Answer

The certificate zip file contains the server certificate in PFX (PKCS12) format. It needs to be imported into the Tomcat/JBoss Keystore file using the appropriate import command.

Question 8

How to get Intranet SSL from your website?

Accepted Answer

This video shows step by step how to get SecureNT Intranet SSL from our website.

Question 9

What is the pricing of SecureNT Intranet SSL Certificates?

Accepted Answer

SecureNT Intranet SSL Certificates are competitively priced. The price of a SecureNT Intranet SSL / TLS Certificate for 1 Year is: Single Domain USD 110, INR 8,000; Multi-Domain (1+4 SAN) USD 246, INR 17,600; Wildcard USD 270, INR 20,000; Multi-Domain Wildcard (1+4 SAN) USD 444, INR 32,000

Question 10

Why do I need to install the CA cert on the client desktops also?

Accepted Answer

We issue SSL certificates to local hosts, server names, IP addresses and internal URLs. They are SSL certificates for internal network names. And our CA certificates are not trusted by the browsers and the client Operating Systems like Windows.

Question 11

How to deploy SSL certificate in Windows Azure environment?

Accepted Answer

Installation of SSL Certificate in Windows Azure environment is different. It requires a special password-protected PFX file with Triple DES encryption. Please mention this requirement while placing a request to us. We will send this special PFX file. Installation steps are given on this Blog Post.

Question 12

While requesting Intranet SSL, should I generate CSR or just give certificate details?

Accepted Answer

It is always recommended to generate CSR on your web server and share with us. This is because the private key generated during the CSR generation remains on your server, within your premises.

Question 13

How to install Intranet SSL certificate on SAP server?

Accepted Answer

Download the SAPGENPSE Cryptography tool that is part of the SAP Cryptographic Library in the SAP Service Marketplace and install it. On the Data Integration Service machine, download the latest available patch for the SAPGENPSE tool based on the operating system. At the command prompt, navigate to the directory that contains the SAPCAR.EXE file and the SAPCRYPTOLIB_*.SAR file.

Question 14

What are internal names?

Accepted Answer

Internal names include hosts and domains that cannot be registered or resolved in public DNS e.g., server01 or server.local, localhost, etc. Internal IP addresses cannot be registered for use on public networks. They include IPv4 or IPv6 addresses the Internet Assigned Numbers Authority (IANA) marks as reserved.

Question 15

Why choose Multi-Domain Wildcard SSL Certificates?

Accepted Answer

Multi-Domain Wildcard SSL Certificates are the most economical way to secure unlimited sub-domains and multiple host names, server names, internal/public IP addresses, or web page URLs with one certificate, reducing the burden of managing many individual certificates.

Question 16

What is a Wildcard Certificate?

Accepted Answer

A Wildcard certificate is a single certificate with a wildcard character (* – star) in the domain name field. This allows the certificate to secure multiple subdomain names of the same base domain. For example, a wildcard certificate for *.domainname.com could be used for www.domainname.com, mail.domainname.com, blog.domainname.com, etc.

Question 17

What is a Multi-Domain or SAN certificate?

Accepted Answer

A Multi-Domain (or Subject Alternative Name-SAN) certificate can support multiple domains, server names, and IP Addresses with a single domain. They reduce SSL cost and maintenance by using a single certificate for multiple websites using SAN. These certificates are more flexible than Wildcard certificates since they are not limited to a single domain.

Question 18

Multi-Domain vs Wildcard SSL – What's the difference?

Accepted Answer

A Wildcard certificate secures one domain and an unlimited number of accompanying sub-domains. A multi-domain Wildcard SSL certificate secures many different domains, sub-domains and multiple internal IPs with a single certificate.

Question 19

Can I have Wildcard SSL for IP Address?

Accepted Answer

For protecting multiple IP addresses, Wildcard SSL is not possible. One has to buy either Single Domain or Multi-Domain certificates to secure multiple IP addresses.

Question 20

How do we make payment?

Accepted Answer

Payments for SecureNT Intranet SSL Certificates can be made via PayPal using credit/debit cards or through wire transfer (Swift) to SecureNT's bank account in India. If you wish to pay in your local currency, SecureNT can connect you with a reseller.

Question 21

Can we install SecureNT Intranet SSL Certificates on multiple servers?

Accepted Answer

Yes. SecureNT provides an unlimited server license, allowing installation on as many servers as needed.

Question 22

Do you issue Intranet SSL for internal names with regular TLDs?

Accepted Answer

Yes. SecureNT issues Intranet SSL to all internal names, whether they use any regular TLD or not.

Question 23

Are there any discounts available?

Accepted Answer

SecureNT offers a 30% discount on all standard Intranet SSL Certificates to educational institutions and non-profit organizations. Eligible customers should contact SecureNT with their requirements to receive a payment link.

Question 24

In what format do you issue the Intranet SSL certificates?

Accepted Answer

We issue SecureNT Intranet SSL certificate in PEM format with .cer extension. The PEM format is the most common format used for certificates. Extensions used for PEM certificates are cer, crt, and pem. They are Base64 encoded ASCII files. PEM formatted certificates contain the “Begin Certificate/End Certificate” statements. The DER format is the binary form of the certificate. DER formatted certificates do not contain the “BEGIN CERTIFICATE/END CERTIFICATE” statements.

Question 25

How to install Intranet SSL on Ubuntu Linux?

Accepted Answer

If you asked for the Intranet SSL without CSR, you would have received server.pfx file on email. Copy the server.pfx file to the Ubuntu machine. Ensure that openssl package is installed on Ubuntu. Run the following command

Question 26

How to create the CSR with SAN in Windows IIS?

Accepted Answer

Following steps are applicable for all versions of IIS. Windows Server should be domain joined. Open the MMC console and add the Certificate snap-in to it as Local Computer. Right Click Personal node on the left and Select All Tasks –>Advanced Operations –> Create Custom Request.

Question 27

How to create the CSR with SAN in Windows IIS?

Accepted Answer

Following steps are applicable for all versions of IIS. Windows Server should be domain joined. Open the MMC console and add the Certificate snap-in to it as Local Computer. Right Click Personal node on the left and Select All Tasks –>Advanced Operations –> Create Custom Request.

Question 28

What are the various types of Intranet SSL certificates offered by SecureNT?

Accepted Answer

SecureNT offers four types of Intranet SSL Certificates: Single Domain, Multi-Domain, Wildcard, and Multi-Domain Wildcard. Each is designed to secure various internal network configurations.

Question 29

How to install root/intermediate CA certificates on Android?

Accepted Answer

In Android 11+, to install a CA certificate, users need to manually: Open Device settings. Go to ‘Security’. Go to ‘Encryption & Credentials’

Question 30

How to quickly install CA certificates automatically on large number of Windows PCs?

Accepted Answer

One can use Microsoft Group Policy to install SecureNT CA certificates on a large number of PCs automatically. Here is a link to our blog which explains how to do it.

Question 31

Quick guide on how to install Intranet SSL certificate on IIS?

Accepted Answer

Step by step instructions on how to import the SecureNT Intranet SSL Certificate PFX file in Windows IIS Server (any version). It’s a two-step process. Step-1: How to Import the PFX File in IIS. From the Start menu, type MMC, and click OK. In the User Account Control window, click Yes

Question 32

Why use an Intranet SSL on internal network servers?

Accepted Answer

CA/Browser Forum (CA/B), the regulatory body that governs the SSL industry, does not allow Public CAs to issue Public SSL Certificates to Private Internal Networks covered under IETF RFC 1918. So, internal/private Servers have to use SSL Certificates from non-public CAs or Self-Signed Certificates.

Question 33

What is an Intranet SSL Certificate?

Accepted Answer

An Intranet SSL certificate is a Private/non-Public SSL (TLS) Certificate issued by SecureNT. Technically, it is similar to the SSL certificates issued by Public CAs (like DigiCert, GlobalSign, Entrust, Sectigo, or Let’s Encrypt) but it is used on internal networks or private sites.

Question 34

What is a Single Domain SSL certificate?

Accepted Answer

SecureNT Intranet SSL Certificate – Single Domain secures an Intranet Server’s Local Host Name, Server Name, internal/public IP Address, or Web page URL using Secure HTTPS protocol.

Question 35

How to create CSR with SAN values using OpenSSL?

Accepted Answer

For creating CSR with SAN values (X.509 v3 Extension) it’s important to create a configuration file with the required certificate details. Execute following command in openssl.

Question 36

What are the main features of SecureNT Intranet SSL Certificates?

Accepted Answer

SecureNT Intranet SSL Certificates secure internal domains, IPs, subdomains, and wildcard domains with fast issuance, expert support, and installation on unlimited servers. They support multiple servers using SAN values, have validity up to 10 years, and come with SecureNT Intranet Root & Intermediate CA chain.

Question 37

Is it compulsory to provide CSR to get Intranet SSL?

Accepted Answer

Not necessary. Just fill-up the form and we will generate the CSR (called Auto-CSR). And we will send the SSL Certificate along with the private key.

Question 38

What is Top-Level Domain (TLD)?

Accepted Answer

TLD is the acronym used for top-level domain. It’s the last segment of a domain name after the final dot. A great example of a TDL is: .com. The IANA officially recognizes three types of TLDs:

Question 39

How to install Intranet SSL on XAMPP Server?

Accepted Answer

To install Intranet SSL on XAMPP Server, create a folder to store SSL files, extract the certificate zip file into this folder, and configure the server to use these certificates.

Question 40

How to install and configure SecureNT Intranet SSL certificate on your Apache server?

Accepted Answer

Copy the required certificate files to your server from the supplied zip file. a. server.cer (File #1) b. SecureNT CA-Bundle.cer (File #5). Copy these files,

Question 41

Is SecureNT Intranet SSL Domain Validated (DV) or Organization Validated (OV)?

Accepted Answer

Since the SecureNT Intranet SSL Certificate is issued to an IP Address or Internal Name located on the internal network of an organization, there is no need to validate the Common Name (CN) or Organization name (O) or Subject Alternative Name (SAN) values. SecureNT is a private CA.

Question 42

What is a Multi-Domain Wildcard SSL certificate?

Accepted Answer

Instead of purchasing separate certificates for each domain and subdomain, you can manage everything with one certificate, reducing complexity and cost. Multi-Domain Wildcard SSL Certificates can function as both a Wildcard and a Multi-Domain certificate. You can place wildcard value (an asterisk or star) in the SAN field.

Question 43

How to generate correct CSR when IP address is in CN or SAN?

Accepted Answer

When an internal/external IP Address is part of Common Name (CN) or Subject Alternative Name (SAN) care needs to be taken while generating the CSR. If not done correctly then the latest browsers like Chrome and Edge give an error – “Your connection to this site is not secure.” Note that deprecated Microsoft Internet Explorer does not give any error in this case.

Question 44

What to do if the Client browser gives an error while accessing Servers with Intranet SSL?

Accepted Answer

Ensure that Intranet Root/Intermediate CA Certificates are installed on client machines. If errors persist, check antivirus settings and browser configurations to allow the certificates.

FAQs

What is a Private SSL Certificate? ?

Benefits of Private SSL Certificates

When to Use a Private Certificate

Summary:

Tagged In