The SSL Certificates Area provides MRAOs and nominated RAO / DRAO SSL administrators with the information and controls necessary to manage the life-cycle of SSL certificates for an Organization.
• MRAOs can request and manage SSL certificates for any Organization/Department. Can approve or decline certificate requests made for automatic installation and using the external application form for any Organization or Department. • RAO SSL admins can request and manage certificates for their delegated Organization(s). Can approve or decline
certificate requests made for automatic installation and using the external application form for their Organization. • DRAO SSL admins can request SSL certificates for domains belonging to their delegated Department(s). Can approve
or decline certificate requests made for automatic installation and using the external application form for their Organization.
Note: The SSL Certificates area is visible only to MRAO Administrators and RAO / DRAO SSL administrators. For more details refer to 1.2.3 Administrative Roles.
Comodo Certificate Manager - Administrator Guide
SSL Certificates Sub-tab - Table of Parameters
Column Description
Common
Name The domain name that was used during the SSL certificate request. This domain name refers to the 'Common Name' in the SSL certificate itself. Organization Name of the Organization that requested or has been issued with the certificate listed in the
'Common Name' column.
Department Indicates the specific Department of the Organization that is associated with the certificate. This column will be blank if a Department has not been delegated as the controlling entity.
Status Indicates the current status of the certificate.
Requested The certificate application was made for auto-installation or using either the Self Enrollment Form or the Built-in application form. Once the applicant has requested the certificate, his/her request appears in the 'SSL Certificates' sub-tab with a 'Requested' state. The Administrator can "View", "Edit", "Approve" or "Decline" this request.
A certificate can be requested by
• An applicant using theSelf Enrollment Form.
• An MRAO - for any Organization or Department - using Auto Installation feature,
Self Enrollment Formor theBuilt In Application Form
• An RAO SSL administrator- for Organizations and Departments which they have been delegated control. Can useAuto Installation feature, Self Enrollment Formor the Built In Application Form
• A DRAO SSL administrator - for Departments of an Organization which they have been delegated control. Can useAuto Installation feature, Self Enrollment Formor the Built In Application Form
Approved A certificate request that was made using the Auto Installation feature or the Self Enrollment Form has been approved by one of the following:
• An MRAO
• An RAO SSL administrator of the Organization on whose behalf the request was made.
• A DRAO SSL administrator of the Department on whose behalf the request was made.
Applied The request has been sent to the Certificate Authority (CA) for validation. In order to accelerate the validation process, the administrator can request the domain control administrator to complete the domain control validation process, through out-of-band communication like email, if the response for DCV is not received for long time.
Issued (number of found certificates)
The certificate was issued by CA and collected by Certificate Manager. A Blue font color (Issued) means that the certificate was issued by CA but was not installed. Placing the mouse cursor over the 'Common Name' will display the name of the Vendor that is associated with this certificate.
A number in parentheses to the right of the certificate's status indicates how many servers this specific certificate is installed upon. Placing the mouse cursor over the 'State' column will display all the IP address / Port combinations that this certificate was found on.
Expired The certificate is invalid because its term has expired. Placing the mouse cursor over the 'Common Name' will display the name of the Vendor that is associated with this certificate. A number in parentheses to the right of the certificate's status indicates how many servers this specific certificate is installed upon. Placing the mouse cursor over the 'State' column will display all the IP address / Port combinations that this certificate was found on and will display a certificate expired warning.
Comodo Certificate Manager - Administrator Guide
SSL Certificates Sub-tab - Table of Parameters
Column Description
'Common Name' will display the name of the Vendor that is associated with this certificate. A number in parentheses to the right of the certificate's status indicates how many servers this specific certificate is installed upon. Placing the mouse cursor over the 'State' column will display all the IP address / Port combinations that this certificate was found on and will display a certificate revoked warning.
Declined A certificate request that was made using the Self Enrollment Form or the Built-in Application Form has been rejected by one of the following:
• An MRAO - can decline any certificate requests from any Organization or Department • An RAO SSL administrator can decline certificate requests for Organizations over
which they have been delegated control.
• An DRAO SSL administrator can decline certificate requests for Departments over which they have been delegated control.
Invalid The Certificate Authority did NOT process the certificate request because of an error the applicant made in the enrollment form (e.g. CSR contains incorrect details).
Rejected The Certificate Authority rejected the request after a validation check. Unmanaged
(n - number of found certificates)
This state applies to certificates that were detected by a networkDiscovery Scanbut were NOT ordered and issued through Comodo Certificate Manager (including any pre-existing Comodo certificates that may have been ordered from the website or partner API's). The red color(Unmanaged)indicates, that he certificate's term has expired. Placing the mouse cursor over the 'Common Name' will display the name of the Vendor that is associated with this certificate.
A number in parentheses to the right of the certificate's status indicates how many servers this specific certificate is installed upon. Placing the mouse cursor over the 'State' column will display all the IP address / Port combinations that this certificate was found on.
Expires Expiration term of the certificate. Server
Software Indicates the current status of the server on which the certificate is auto- installed. Blank The server is not configured for Auto-Installation and Auto-Renewal
Active The server is configured for Auto-Installation and Auto-Renewal
Error Indicates that errors generated during the server configuration or automatic certificate installation.
Restart Required
Indicates that the server has to be restarted after automatic installation of a certificate by CCM. The installation will be active only on next restart of the server.
Note: Restarting the server after automatic certificate installation is required only for Apache. The server can be restarted from the Certificate Details dialog. For more details please see the section Restarting Apache after Auto-Installation of SSL Certificate.
Comodo Certificate Manager - Administrator Guide
SSL Certificates Sub-tab - Table of Parameters
Column Description
Order Number The order number of the certificate request as assigned by the Certificate Authority, when the request was made.
Self Enrollment Certificate ID
Displays the unique enrollment ID assigned to the certificate request, If the certificate was obtained by self enrollment by the domain administrator.
IP address Displays all the IP address / Port combinations on which the certificate is installed.
Issuer Displays the details of the Certificate Authority that issued the certificate and the name of the certificate.
Serial Number Displays the serial number of the certificate that is unique and can be used to identify the certificate.
Requester Displays the name of the CCM administrator that has requested the certificate through the auto- install feature or the built-in enrollment form, or e-mail of end-user that has requested the certificate through the self-enrollment form.
Requested Displays the date of the certificate request. External
Requester Displays the the email address of the external requester on behalf of whom the administrator has requested the certificate through the built-in enrollment form. Subject Alt
Name
Displays the names of domain(s) for which the certificate is used for.
City Displays the name of the city entered while creating the Organization / Department. Country Displays the name of the country entered while creating the Organization / Department.
Comodo Certificate Manager - Administrator Guide
SSL Certificates Sub-tab - Table of Parameters
Column Description
Key Algorithm Displays the type of algorithm used for the encryption. Key Size Displays the key size used by certificate for the encryption. MD5 Hash Displays the MD5 hash for the certificate
SHA1 Hash Displays the SHA1 hash for the certificate Control Buttons Note: The type of control buttons that are displayed above the column header depends on the state of the selected certificate
Details Allows the administrator to view information about the certificate (seeSSL certificate 'Details' dialog description).
Revoke Revokes the certificate.
Install Uses the auto-installer feature to install the certificate on the target web server. See the section Automatic Installation and Renewal for more details.
Replace Replaces the existing certificate with a new one. Note: You will be prompted to specify new CSR.
Approve Approves certificate requests that were made for Auto Installation and using the auto- installation feature or the Self Enrollment Form and sends the request for the certificate to Comodo CA (the issuing Certificate Authority). Once submitted, the certificate State will change to 'Applied'. If the request is approved by Comodo CA, the certificate State changes to 'Issued'. If the request was declined by Comodo CA because of incorrect enrollment details (for example, a mistake in the CSR or other form value), then 'State' will be listed 'Invalid'. If the request was declined by Comodo CA for legal reasons then the certificate will have a status of 'Rejected'. Certificate requests can be approved by:
• An MRAO
• An RAO SSL administrator of the Organization on whose behalf the request was made.
• A DRAO SSL administrator of the Department on whose behalf the request was made Decline Declines the certificate request. This request will not be sent to Comodo Certificate Authority for
processing.
Edit Enables administrator to edit SSL certificate parameters. This option is available only for certificates with a state of 'Requested', 'Rejected' or 'Invalid'.
Renew Clicking the 'Renew' button will open the 'Renew Certificate' dialog which will be pre-populated with the company and domain details of the existing certificate. Clicking 'OK' will submit the certificate renewal request.
This control is available only for the certificates states of: Issued, Expired and Unmanaged.