hometriangle-righttriangle-leftmenu3

SSL Market Guide - Sourcing and Installation

https://www.sslmarket.co.uk

u: gerryg@spiderscope.com
p: SSLSpiD3r1688

New Certificate 

  1. Login.
  2. Order New (left hand side)
  3. Check RapidSSL click 'Order'
  4. Complete form:
    1. Domain: www.spiderscope.com (example)
    2. Validity: 1 Year
    3. Date of Issue: NEW

 

  1. Certificate Applicant (company you're buying for: i.e. London Party Boats)
  2. Person for Authorization: (Your own details or support@)
  3. Uncheck " Technical contact is the same as the authorization contact" ensure technical contact email is set to gerryg@spiderscope.com (required for renewal notices)
  1. Billing details – should be left with Gerry's details.
  1. Email – doesn't matter, we wont be using this method (unless we don't host the site / have ftp access).
  1. Alternative verification (preferred method) – select 'by a file to FTP'
  1. Generate CSR and private key, SAVE and KEEP this file in jid folder.
  1. Check the checkboxes and click 'Order an SSL certificate'
  2. Pay for certificate, List of Orders > Detail > Pay via PayPal (pp@spiderscope.com)
  3. Follow the verification steps under 'Domain Verification' below.
  4. Follow the pfx generation and certificate installation procedures below.

 

Renewal

  1. Login.
  2. List of certificates (left hand side)
  3. Find the domain in the list - probably under the exipiring certifiates section - click magnifying glass.
  4. Click the big green Renew button
  5. Click proceed under 'I want to renew the same certificate'
  6. Select '1 year' validity and proceed.
  7. The forms should already be filled out already, apart from the next point.
  8. Uncheck " Technical contact is the same as the authorization contact" ensure  details are set to gerryg@spiderscope.com (required for renewal notices)
  1. Click proceed
  2. Billing details – should be left with Gerry's details - proceed
  1. Email – doesn't matter, we wont be using this method (unless we don't host the site / have ftp access).
  1. Alternative verification (preferred method) – select 'by a file to FTP'
  2. Click the "Generate CSR and private key" link, SAVE and KEEP this file in jid folder. - Proceed
  1. Check the T&C's checkboxes and click 'Order an SSL certificate'
  2. Pay for certificate, List of Orders (Left Menu) > Detail (magnifying glass) > Pay via PayPal (pp@spiderscope.com)
  3. The main list of orders will now show the new certificate as 'request placed'
  4. After a short while the fileauth.txt will be available to download from the main order details page, save it to the JID folder, check the code is different from last years as the old one will still be available to download and there is no indication it has updated
  5. Follow the verification steps under 'Domain Verification' below.
  6. Wait for the request to be processed, this may take about 20 min - 
  7. Follow the pfx generation and certificate installation procedures below.

 

Domain Verification 

  1. Create folder(s) in root: /.well-known/pki-validation/
  1. Upload file the provided "fileauth.txt" file to /.well-known/pki-validation/
  1. Click 'Update' near top of page. Certificate is usually issued within 15-20 minutes – Gerry will receive an email confirming how to verify domain (provided you filled your details in as the person for authorization).
  2. Validation may be hampered by any redirects from HTTP to HTTPS (purely conjecture at the moment)

  

Generating PFX File

  1. Under the  "Export of the SSL certificate (PFX format)" heading (almost bottom fo page) click 'Show Form'
  2. Paste your private key (as saved in step 11 above)
  3. Enter a password (usually www.domain.co.uk)
  4. Click 'Create PFX file' (errors appear at very top of page)
  5. Download file, save in jid folder.

 

Installing Certificate

Part One / Server Certificate Installation

  1. Upload the PFX file via FTP
  2. RDP in to server
  3. Double click certificate, place in 'Local Machine', click through the steps, mark as exportable and enter password specified previously (usually the domain name)

 

Part Two / IIS Bindings

  1. Open Internet Information Serviecs (IIS) 
  2. Expand Server > Sites > Click IIS Instance of Website.
  3. Click 'Bindings' in the right hand Actions panel
    1. If renewing select new certificate for both www and non www https bindings (Select https binding, edit, click 'select' and choose the new certificate which is obvious by expiry date)
    2. Check the "Require Server Name Indication" option is ticked
    3. If new – add bindings for www and non www. (also make sure you set up canonical domain rewrite rule and redirect to https)
  4. If you disabled the HTTPS redirect for the validation step, re-enable it now
  5. Visit website in your browser, click the padlock and view the certificate to check the expiration date is correct.
Copyright © 2026 Spiderscope. All Rights Reserved.