Sectigo RSA Domain Validation Secure Server CA is a Certificate Authority (CA) that issues SSL/TLS certificates for domain validation purposes. It is operated by Sectigo, a major certificate authority and leading provider of digital certificates and automated Certificate Lifecycle Management (CLM) solutions.
Overview of Sectigo
Sectigo (formerly Comodo CA) is a major certificate authority that has been in business for over 20 years. They are one of the oldest and largest CAs providing SSL certificates to websites across the globe.
Key facts about Sectigo:
- Issues OV, EV and DV certificates under various brands like Sectigo, Comodo, and AlphaSSL.
- As of 2022, Sectigo is the largest commercial CA in terms of market share for browser trusted certificates.
- Sectigo has issued over 100 million SSL certificates since inception.
- Provides certificates for 27+ percent of the Fortune 500 companies.
- Operates globally with headquarters in Roseland, New Jersey and offices in United Kingdom, Germany, France, India and Japan.
Purpose of Sectigo RSA Domain Validation Secure Server CA
The Sectigo RSA Domain Validation Secure Server CA is one of Sectigo’s intermediate Certificate Authorities that issues DV certificates for securing websites.
Some key points about this particular intermediate CA:
- It is an RSA-based CA that issues RSA certificates for the RSA encryption algorithm. Other Sectigo CAs may issue ECC-based certificates.
- “Secure Server” indicates it issues certificates for securing HTTP servers, i.e. websites accessed via HTTPS.
- As the name suggests, it specifically provides domain validated (DV) certificates that confirm ownership of the domain name only.
- Automated issuance allows DV certificates from this CA to be obtained quickly, generally within minutes/hours.
- It is cross-signed by the Sectigo Root CA which is trusted in all major browsers and operating systems. This provides the chain of trust.
Certificate Issuance Process
The process for obtaining a DV certificate from Sectigo RSA Domain Validation Secure Server CA generally follows these steps:
- Generate Certificate Signing Request (CSR): The private and public keys are created on the server where the SSL certificate will be installed. The CSR contains the public key and domain details.
- Submit Validation Information: The CSR is submitted to Sectigo, along with identifying the domain administrative contacts for validating domain control.
- Automated Validation: Sectigo automatically validates ownership of the domain name through standard methods like Email, HTTP file validation, or DNS TXT record.
- Certificate Issued and Signed: Upon successful validation, the Sectigo RSA DV CA signs the certificate with its private key and returns the final certificate.
- Install Certificate: The issued certificate is installed on the web server to enable HTTPS and SSL encryption.
This process is typically completed within minutes or hours, allowing fast deployment of SSL on websites.
Supported Validation Methods
Sectigo RSA Domain Validation Secure Server CA supports various standard methods of domain validation during the certificate issuance process:
- Email Validation: Email sent to WHOIS or administrative domain contacts to confirm certificate issuance request.
- HTTP Validation: Web server responds to GET request by hosting a validation file at Sectigo’s specified URL under the base domain.
- DNS Validation: DNS TXT record created with random value provided by Sectigo, confirmed automatically.
- IP Address Validation: Certificate lists IP address for domain upfront, which Sectigo then validates control over.
The methods provide fully automated domain validation. Sectigo determines the appropriate validation method based on the certificate signing request.
Trust and Browser Compatibility
The Sectigo RSA Domain Validation Secure Server CA certificate is trusted in all major web browsers and operating systems. This establishes the credibility of the issued certificates.
Specifically, it is trusted by:
- Microsoft: Windows, Windows Phone, Internet Explorer, Microsoft Edge
- Mozilla: Firefox, Thunderbird
- Apple: macOS, iOS, Safari
- Google: Android, Chrome OS, Chrome
- Oracle: Java, Solaris
- Blackberry: Blackberry OS, Blackberry Browser
Therefore, any DV certificate issued by this intermediate CA will be trusted by virtually all users. The validation process provides the domain level assurance needed for encryption.
Conclusion
The Sectigo RSA Domain Validation Secure Server CA serves an important role in the SSL certificate market by providing affordable and convenient domain validated certificates to websites across the globe. With over 20 years of experience, Sectigo is a trusted leader in SSL solutions. This specific intermediate CA allows organizations to enable HTTPS and basic encryption for their websites rapidly through fully automated domain validation methods. While appropriate mostly for non-sensitive sites, the certificates help secure web traffic and establish trust. For fast and budget-friendly SSL certificates, the Sectigo RSA DV CA delivers solid value and capabilities for many use cases.
Frequently Asked Questions
What types of certificates does the Sectigo RSA DV CA issue?
It issues domain validated (DV) certificates, confirming ownership of the domain name only through automated validation. It does not verify legal business identity.
How long does it take to issue a DV certificate from Sectigo RSA DV CA?
The fully automated process typically completes in minutes or up to a few hours maximum. This allows sites to enable SSL rapidly with minimal wait time.
What domain validation methods can be used?
The Sectigo RSA DV CA supports various automated domain validation methods including email, HTTP file, DNS TXT record, and IP address validation. Sectigo determines the appropriate method.
Does the Sectigo RSA DV CA issue OV or EV certificates?
No, this particular intermediate CA issues domain validated (DV) certificates only. Sectigo has other CAs that issue organization validated (OV) and extended validation (EV) certificates which require more extensive identity verification.
What is the warranty/support for DV certificates?
DV certificates issued by the Sectigo RSA DV CA come with a 30 day money back guarantee and technical support. The standard warranty period is 1 year but extended warranties are available.
Can a single DV certificate secure multiple domain names?
Yes, Sectigo allows securing www and multiple sub-domains under a single domain validated certificate, providing an economical way to secure multiple sites.
Does the Sectigo RSA DV CA chain to a trusted root?
Yes, the CA certificate is signed by the widely trusted Sectigo RSA Root CA which is included in all major browser and OS trust stores. This establishes the chain of trust.
What cryptographic hash algorithm does the CA use to sign certificates?
The Sectigo RSA Domain Validation Secure Server CA uses the SHA-256 hashing algorithm when signing issued certificates. This provides 256-bit encryption strength.
What is the maximum validity period for certificates issued by this CA?
Sectigo RSA DV certificates have a maximum validity period of 397 days. However, 1- or 2-year validity periods are also available. The validity determines when the certificate will expire.
