Entrust Certificate Management Service FAQ

This section provides the answers to the most commonly asked questions about Entrust Certificate Management Service. If you have a question that is not answered here please contact Entrust Certificate Services Support.

1. What features are included with the Entrust Certificate Management Service?
2. How do I purchase the Entrust Certificate Management Service?
3. Which methods of payment can be used to pay for the Entrust Certificate Management Service?
4. What information will I need to provide to apply for the Entrust Certificate Management Service?
5. What is the maximum number of Technical Contacts that can be enrolled for this service?
6. How do I change the initial Technical Contact information provided during enrollment?
7. What is a Client Module?
8. What is the Client Management link?
9. What is the Service Allocation Request link?
10. Can I create certificates for my Clients?
11. How do I request to add my clients to my account?
12. Will my clients be contacted by Entrust?
13. Is there an expiry date on my account?
14. Will I receive notification when my Entrust Certificate Management Service will expire?
15. Which credentials do I need to login to the Entrust Certificate Management Service?
16. What is Entrust TruePass? software?
17. How do I get my account credentials to log on to the service?
18. What should I do if I forget my Entrust Unique ID password?
19. What happens if I do not logout?
20. How do I renew the Entrust Certificate Management Service?
21. What is the difference between a Standard and an Advantage SSL Certificates?
22. What is the Subject Alternative Name?
23. How do I install an Standard SSL Certificate in my environment?
24. How do I install an Advantage SSL Certificate in my environment?
25. What are Entrust Extended Validation SSL Certificates?
26. How do I install an Extended Validation SSL Certificate in my environment?
27. What are Entrust Unified Communication SSL Certificates?
28. How many URIs (hostnames) can I include with my UC Certificate?
29. How do I install a Unified Communications Certificate in my environment?
30. How do I contact Entrust Certificate Services for additional assistance?

1. What features are included with the Entrust Certificate Management Service?

   The Entrust Certificate Management Service is a self-service administration tool that streamlines the procurement and administration of Web server certificates. Acting as a centrally managed, self-service point-of-purchase, the Entrust Certificate Management Service reduces administrative hassles and lessens the risk of inadvertent certificate expiration by allowing customers to synchronize and control the timing of certificate expiration and "pool" or "re-use" certificates to maximize usage.

   In order to establish your account, the Entrust Certificate Management Service entitles you 5 SSL certificates, 10 domains, 10 organizational (company) name and two Administrator accounts. In order to host your clients, you will be provided 10 Client Company Names and 10 Client Domain Names.

   If you require more resources, you can purchase them through your Entrust Certificate Management Service account by selecting the link "Purchase Add'l Service" or you can contact your Entrust Sales representative at:

   Phone: 1-888-690-2424 (toll free within North America)
   Phone: 1-613-270-3411 (outside of North America)
   Email: entrust@entrust.com

2. How do I purchase the Entrust Certificate Management Service?

   The Service must be purchased through an Entrust Sales representative. A minimum quantity of 5 certificates is required. Please contact Sales at:

   Phone: 1-888-690-2424 (toll free within North America)
   Phone: 1-613-270-3411 (outside of North America)
   Email: entrust@entrust.com

3. Which methods of payment can be used to pay for the Entrust Certificate Management Service?

   You can purchase the Entrust Certificate Management Service with a purchase order (PO) or credit card (Visa, MasterCard, American Express)

4. What information will I need to provide to apply for the Entrust Certificate Management Service?

   When purchasing the Entrust Certificate Management Service, you will be required to accept the terms and conditions of the Service Agreement located at http://www.entrust.com/about/practices.cfm. When your purchase has been processed, you will receive instructions via email on how to enroll for the service. You will be required to provide the following information: your Company's Domain Information, Administrator(s), Authorization Contact, Technical Contact(s), and Billing Contact. This information is used to establish your account and create user profile(s)

5. What is the maximum number of Technical Contacts that can be enrolled for this service?

   You are entitled to enroll for one (1) Primary Technical Contact and one (1) additional Technical Contact. Each of the Technical Contacts will be issued a profile for accessing the service.

6. How do I change the initial Technical Contact information provided during enrollment?

   To change the Technical Contact information, you must send an email directly to ssl@entrust.com.

7. What is a Client Module?

   Client Module refers to the ability to manage client accounts and their domain names list, add new clients, view, edit (add or remove domains) or deactivate existing client accounts.

   When "Client Module" is ON you will see the "Client Management" link.

   When "Client Module" is OFF you will see the "Service Allocation Request" link

8. What is the Client Management link?

   The Client Management link allows Super Administrators to add new clients (company and domain names) and view, edit (delegation of resources) or deactivate existing clients.

9. What is the Service Allocation Request link?

   The Service Allocation Request link allows Super Administrators to request available inventory (domain names or organizational names) to be added to your authorized list. When the verification is successful, Entrust will complete the modifications to your service and notify the Administrators.

10. Can I create certificates for my Clients?

    Yes, you can create certificates for your Clients. Before you start, you will need to purchase Client Company Names from Entrust, if you do not already have them.

    To purchase Client Company Names, a request can be made using the Purchase Add'l Services interface and entering the quantity beside the item required. Once this request has been submitted an e-mail is sent to an Entrust Sales representative, who will contact you shortly.

    An Entrust Sales representative can also be contacted directly at:

    Phone: 1-888-690-2424 (within North America)
    Phone: 1-613-270-3411 (outside North America)
    Email: entrust@entrust.com

11. How do I request to add my clients to my account?

    You can submit your request through the E-form or from within the Entrust Certificate Management Service interface under the Admin Tools -> Client Management link

12. Will my clients be contacted by Entrust?

    Your clients will be contacted by Entrust so that we can verify all the information in the client request and get their consent that you (webhoster) are authorized to request a certificate on their behalf.

13. Is there an expiry date on my account?

    Yes, your account will expire one or two years from the first day you sign into your account. The expiry date can be found on the Contract Information page when you log into your Entrust Certificate Management Service.

14. Will I receive notification when my Entrust Certificate Management Service will expire?

    Yes. You will receive email notification from Entrust Certificate Services at approximately 1 month prior to expiry and then again at 2 weeks prior to expiry.

15. Which credentials do I need to login to the Entrust Certificate Management Service?

    Entrust has created a secure web portal to allow customers to securely access our online services, which includes the Certificate Enrollment Service for Entrust Certificate Management Service. When you register as a client for the service, you will be issued an Entrust Unique ID that you will use to access your Entrust Certificate Management Service. If you already have an Entrust Unique ID, you will be able to use this same ID to access your account. The Entrust Unique ID is based on the industry leading Entrust TruePass? software.

16. What is Entrust TruePass? software?

    Entrust TruePass? software makes it possible for Entrust to verify the identity of the individuals that are visiting and using our Web portal. It also provides industry-leading protection of information privacy and verification of online transactions. Information that is protected by Entrust TruePass is secure as it is transmitted over the Internet and when it is stored on the Web server and back-end servers.

    Through unique "zero-footprint" encryption and digital signature technology, Entrust TruePass provides the essential identification, verification, and privacy capabilities needed to bring critical business functions to the Web. Client software does not need to be installed or configured on a user's computer to deliver these certificate-based enhanced security features. Entrust TruePass provides end-to-end Web security with unmatched user transparency, user mobility and ease of deployment.

17. How do I get my account credentials to log on to the service?

    Upon enrolling for the service, Entrust will provide each Technical Contact with instructions on how to establish their Entrust Unique ID. Once the ID has been established, customers should login using the following link: https://managed.entrust.com

18. What should I do if I forget my Entrust Unique ID password?

    If you forget your Unique ID password, you are able to perform self-recovery by selecting the link "Forgot your password?" on the login screen and following the instructions.

19. What happens if I do not logout?

    The interface will automatically disconnect your Unique ID after twenty minutes of inactivity.

20. How do I renew the Entrust Certificate Management Service?

    To renew your service, contact your Entrust Sales Representative at:

    Phone: 1-888-690-2424 (toll free within North America)
    Phone: 1-613-270-3411 (outside of North America)
    Email: entrust@entrust.com

21. What is the difference between a Standard and an Advantage SSL Certificates?

    Advantage SSL Certificates are certificates that can be used to create a secure, confidential communications "pipe" between a web server and a browser, or between two servers.

    An Advantage SSL certificate contains different certificate extensions than a Standard SSL certificate. There are two additional extensions to an Advantage certificate which can provide greater functionality.

    These extensions are Client Authentication and Subject Alternative Name (DNS only).

    A Standard SSL certificate contains only the Server authentication extension and can be used for browser-to-server SSL communication only.

    An Advantage SSL certificate can be used for browser-to-server and server-to-server SSL security. As well you can secure a total of 2 common names (ie: DNS Alias) with one SSL certificate via the Subject Alternative Name extension (SubjectAltName).

22. What is the Subject Alternative Name?

    The subject alternative names (SubjectAltName) extension allows one SSL certificate to be used to secure one web server with multiple names (such as a different DNS name, IP address, or URI).

    SubjectAltName extension is a feature available in Advantage and Extended Validation SSL certificates. When submitting the CSR (Certificate Signing Request), you have the option to provide an alternative identity to be bound to the subject of the certificate (i.e. valid domain name, IP address or URI). If you do not need this functionality, please leave the SubjectAltName field blank

23. How do I install an Standard SSL Certificate in my environment?

    For certificate installation instructions, please visit http://www.entrust.net/ssl-technical/webserver.cfm and select the web server in your environment.

    Please note: Entrust does not provide documentation or support for custom applications.

24. How do I install an Advantage SSL Certificate in my environment?

    The installation of an Advantage SSL Certificate is the same as a Standard SSL Certificate and will be subject to application specific requirements. In general, the changes that are required to make use of an Advantage SSL Certificate are done on the target server and not the server where the certificate will be installed. These changes can be very specific and will greatly depend on the applications and environments involved.

    For certificate installation instructions, please visit http://www.entrust.net/ssl-technical/webserver.cfm and select the web server in your environment.

    Please note: Entrust does not provide documentation or support for custom applications.

25. What are Entrust Extended Validation SSL Certificates?

    An Extended Validation (EV) SSL Server Certificate is a new category of SSL certificate created by an industry consortium called the CA/Browser forum. This new category of certificate was conceived in response to the growing threat of phishing attacks with a goal of increasing consumer confidence in online transactions.

    EV certificates will be issued to websites only after rigorous validation of their identity. Web browsers will reflect this higher level of identity assurance with prominent and distinct trust indicators, such as the green address bar used by Internet Explorer 7.

    For more technical information regarding EV certificates, please visit http://www.entrust.net/ssl-technical/ev_faq.htm#q2.

26. How do I install an Extended Validation SSL Certificate in my environment?

    For certificate installation instructions, please visit http://www.entrust.net/ssl-technical/webserver.cfm and select the web server in your environment.

    Please note: Entrust does not provide documentation or support for custom applications.

27. What are Entrust Unified Communication SSL Certificates?

    Entrust UC Certificates are suited for use with server products that support multiple secure communications protocols and may need to process communications for multiple domains and multiple hostnames within domains . With UC Certificates, you are able to secure 10 or more hostnames on a server with the same SSL certificate using X.509v3 Subject Alternative Name (subjectAltName) extensions. UC certificates are compatible with Microsoft Exchange Server 2007 and Microsoft Office Communications Server 2007.

28. How many URIs (hostnames) can I include with my UC Certificate?

    You can include up to 10 URIs in your UC certificate, including the fully qualified domain name (FQDN) of your server.

29. How do I install a Unified Communications Certificate in my environment?

    For certificate installation instructions, please visit http://www.entrust.net/ssl-technical/msx2007/index.cfm

    Please note: Entrust does not provide documentation or support for custom applications.

30. How do I contact Entrust Certificate Services for additional assistance?

    If you have additional questions, or need information, please contact Entrust Certificate Services Support by calling 1-866-267-9297 within North America (1-613-270-2680 outside of North America), Monday through Friday 9:00 AM to 5:00 PM Eastern Time. You can also send them an email at ssl@entrust.com

• Understanding SSL Security

• New - Extended Validation SSL
• Managing SSL Security

• Entrust Certificate Management Service

• Get Technical
• Root Certificates
• Order Tracking
• Check the Certificate Revocation List (CRL)
• New! - Entrust EV SSL Certificate Revocation Information and Reporting Policy
• Revoke a Certificate

• Buy/Renew Online
• Enrollment Guide
• Frequently Asked Questions
• Contact Support
• Legal Agreements