GlobalSign Certificate Center.

Product Details GCC Account Setup CSR Payment Details Confirm Details Completed

Enter Promotional Code

Are you using a Campaign Code or Coupon Code?

Yes

SSL Certificate Type

	Single Domain Certificate Secures a single Fully Qualified Domain Name such as www.globalsign.com or secure.globalsign.com
	Wildcard SSL Certificate Secures all sub-domains on a single Fully Qualified Domain Name. e.g. the Certificate is issued to *.globalsign.com
	Public IP Address SSL Certificate Secures a single publicly accessible IP Address such as 210.10.10.01

For Certificates issued to sites beginning with www (or * for Wildcards) we will add the non-www or non-* version of your domain as a SAN free of charge. Your Certificate will work for www.domain.com and domain.com.

Extended Key Usage (EKU)

The EKU specifies what the keys in the SSL certificate can be used for. In order for a certificate to be used for SSL/TLS it must have Server Authentification. By defafult Client Authentication is also included. Please select the desired values from the list below based on your intended usage.

USAGE		NAME	OID
	Any Extended Key Usage	anyExtendedKeyUsage	2.5.29.37.0
	Server Authentication	id-kp-serverAuth	1.3.6.1.5.5.7.3.1
	Client Authentication	id-kp-clientAuth	1.3.6.1.5.5.7.3.2
	Code Signing	id-kp-codeSigning	1.3.6.1.5.5.7.3.3
	Email Protection(S/MIME)	id-kp-emailProtection	1.3.6.1.5.5.7.3.4
	IPSec End System	id-kp-ipsecEndSystem	1.3.6.1.5.5.7.3.5
	IPSec Tunnel	id-kp-ipsecTunnel	1.3.6.1.5.5.7.3.6
	IPSec User	id-kp-ipsecUser	1.3.6.1.5.5.7.3.7
	Time Stamping	id-kp-timeStamping	1.3.6.1.5.5.7.3.8
	OCSP Signing	id-kp-OCSPSigning	1.3.6.1.5.5.7.3.9
	KDC Authentication	id-pkinit-KPkdc	1.3.6.1.5.2.3.5
	Smart Card Logon	OID_KP_SMARTCARD_LOGON	1.3.6.1.4.1.311.20.2.2
	IPSec IKE	id-kp-ipsecIKE	1.3.6.1.5.5.7.3.17
	Certificate Trust List	msCTL	1.3.6.1.4.1.311.10.3.1
	Microsoft Server Gated Crypto	msSGC	1.3.6.1.4.1.311.10.3.3
	Encrypting File System	msEFS	1.3.6.1.4.1.311.10.3.4
	Netscape Server Gated Crypto	nsSGC	2.16.840.1.113730.4.1
	Key Archival	keyArchival	1.3.6.1.4.1.311.21.5
	IKE Intermediate	ipsec_kp_ike_intermediate	1.3.6.1.5.5.8.2.2
	Intel vPro	IntelVPro	2.16.840.1.113741.1.2.3

Validity Period

30 day	$xxx
45 day	$xxx
90 day	$xxx
half year	$xxx
1 year	$xxx
2 year	$xxx	- MOST POPULAR - RECOMMENDED - MOST POPULAR - MOST POPULAR - MOST POPULAR - RECOMMENDED - RECOMMENDED

Add Exchange Unified Communications Certificate (UCC) SANs

Secure the www, autodiscover, mail & owa subdomains on your domain for Exchange 2007 Server / Office Communications Server. Free of charge option. - $xxx

www

owa

mail

autodiscover

Check appropriate box to add UC support to your Certificate

Add specific Subject Alternative Names (SANs)

Your Certificate will be issued to a specific Domain Name. When you buy a Certificate for www.yourdomain.com, we give you yourdomain.com as a free SAN. If you want to add further SANs and secure multiple sites, servers or IP addresses with a single Certificate, select Yes and enter the number of each SANs type you will add to the Certificate.

Yes

Add multiple domain names Secure multiple Domain Names, they can be different to the Domain Names you will specify in the CSR	at $xxx each : 0
Add multiple domain names with wildcard Secure all sub-domains on a single Fully Qualified Domain Name. e.g. a SAN in the certificate contains *.ssl-globalsign.com	at $xxx each : 0
Add multiple subdomains Secure subdomains of the Domain Name you will specify in the CSR	at $xxx each : 0
Add multiple public IP addresses Add Public IP Addresses (must be publicly accessible and owned by the applicant organization)	at $xxx each : 0
Add multiple internal server names or internal IP addresses Add Internal Addresses such as 10.10.10.01 or localhost	at $xxx each : 0

When a browser comes across a Certificate with SANs, it knows that the Certificate can be used to secure not just the primary domain to which it's been issued, but also whatever it finds in the SANs section. By adding SANs your Certificate can secure other server “names” such as other domain names, subdomains, IP addresses and internal server names.

Request a Qualified Website Authentication Certificate (QWAC)

QWACs are a special type of SSL/TLS Certificate specified by the EU eIDAS regulation and may be required to meet certain regulatory compliance (e.g. PSD2). For more information, please visit this FAQ.

Yes

$xxx

I want a 1-year QWAC
A Standard QWAC certificate is intended for those who are not payment service providers but need to comply with EU eIDAS regulation. For more information, please see this FAQ.

I want a 1-year PSD2 QWAC
A PSD2 QWAC includes additional attributes as specified by Commission Delegated Regulation (EU) 2018/389 (commonly referred to as the PSD2 RTS). Please supply the information below so we can validate this with the National Competent Authority (NCA) for your country. Please visit this FAQ for more information.

Please select your National Competent Authority (NCA) from the list below

Please enter the Payment Service Provider (PSP) Number provided by your NCA:

Please select your PSP Role(s):

	PSP_AS: Account Servicing
	PSP_PI: Payment Initiation
	PSP_AI: Account Information
	PSP_IC: Issuing of Card-based payment instruments

Are you renewing this Certificate ?

Yes

Enter either the Order No. or the original Certificate you are renewing to identify the order renewal information.
Original Order No:
Original Certificate:

Customize Expiration Date

Set a custom expiration date - $xxx

Total Amount for this Certificate

$0 (excluding tax)

Enter Promotional Code

SSL Certificate Type

Extended Key Usage (EKU)

Key Type

Key Usage (KU)

Validity Period

Add Exchange Unified Communications Certificate (UCC) SANs

Add specific Subject Alternative Names (SANs)

Request a Qualified Website Authentication Certificate (QWAC)

Are you renewing this Certificate ?

Customize Expiration Date

Total Amount for this Certificate