๐Ÿ”’ SecureDot

Guide: Issuing Your First Certificate

This guide will walk you through the entire process of getting a new SSL certificate for your domain using the SecureDot platform.

Before You Begin

  • Make sure you have an account with SecureDot. If not, you can register on our homepage.
  • You will need access to your domain's DNS settings. This is usually managed through the website where you bought your domain (your domain registrar) or your hosting provider.

Step 1: Start a New Order

  1. From the SecureDot homepage, enter your domain name into the checker and click "Check SSL".
  2. The system will check if you already have a valid SSL certificate. If you don't, you will see a button that says "Secure Your Domain Now".
  3. Click this button. If you are not logged in, you will be prompted to do so.
  4. After logging in, you will be taken to your client dashboard, and a new certificate order will be created in a "draft" state.

Step 2: Pay for the Order

Our SSL package includes the certificate, automatic renewal for one year, and technical support for a single, one-time payment.

  1. On the order details page, you will see the payment section.
  2. Enter the mobile money phone number you wish to pay with (e.g., 078...).
  3. Click "Pay with Mobile Money".
  4. You will receive a prompt on your phone to approve the transaction. Please enter your PIN to confirm.

Step 3: Verify Domain Ownership

Once payment is complete, you need to prove you own the domain. We use the DNS-01 challenge for this. (You can learn more about how this works in our How the DNS Challenge Works guide).

  1. On the order details page, you will now see the "Ownership Verification" section.
  2. The platform will provide you with one or more TXT records. Each record will have a Name/Host and a Value.
  3. Log in to your DNS provider's dashboard.
  4. Navigate to the DNS management section for your domain.
  5. Create a new TXT record and copy the Name/Host and Value exactly as they appear on the SecureDot order page.
    • Important: For the host _acme-challenge.yourdomain.com, some DNS providers require you to only enter _acme-challenge. Please consult your provider's documentation if you are unsure.
  6. Save the new DNS record.

Step 4: Finalize and Download

DNS changes can take some time to spread across the internet (this is called propagation). It can take anywhere from a few minutes to an hour.

  1. Once you believe the DNS records have been updated, return to the SecureDot order page.
  2. Click the "Finalize Order" button.
  3. Our system will then ask Let's Encrypt to verify your DNS records. If the verification is successful, your certificate will be issued immediately.
  4. The page will update, and you will see a "Download Certificate" button.
  5. Click this button to download a ZIP file containing your certificate (.crt), your private key (.key), and the CA bundle (.pem).

Congratulations! You have successfully issued an SSL certificate.

Next Steps

  • Install the certificate on your web server. This process varies depending on your hosting provider (e.g., cPanel, Nginx, Apache). See our Install SSL On Your Server guide for more help.
  • Keep your private key safe! For your security, SecureDot does not store your private key. You will need it for installation and renewal, so store it in a secure location.