Link Search Menu Expand Document

Create a Free TLS/SSL Certificate

You can create a free TLS/SSL certificate in the RCL Website’s home page.

  • Add the hostname. The hostname must be a primary apex domain (eg. contoso.com). Sub-domains (eg. www.contoso.com, shop.contoso.com, etc) , wild card domains (eg. *.contoso.com) and mult-domain SAN are not supported in free certificates. Do not include ‘http’ or ‘https’ in your hostname. Click the ‘Create Now’ button when you are done

image

  • Add a Microsoft Email for the SSL/TLS certificate. If you do do not have a Microsoft Email, you can create one in the Sign-In page

image

  • Add a password for the certificate

image

Completing the DNS Challenge

In your management portal from your domain registrar, add a DNS TXT record (name/host) as defined in the ‘DNS Validation’ page (note the underscore ‘_’ at the start) with the value as defined on the page

image

  • This is an example of a DNS TXT record in the ‘Azure DNS Zone’ domain management portal

image

  • This is another example of a DNS TXT record in the ‘GoDaddy’ domain management portal

image

  • Your domain registrar will have a similar portal to add your DNS TXT record

  • You can test the DNS record in the Dig site. In the site add the name identified in the DNS Validation page; and select the TXT record. The value for the record will be shown in the TXT section

image

  • If you see the correct DNS TXT record and value as specified in the validation page, the test is successful

  • If the test is successful, click the Validate button.

  • You will need to wait up to 10 mins to validate the DNS record and create the certificate. When this is done, the SSL/TLS certificate will be displayed in the Certificates Details page.

image

Accessing the TLS/SSL Certificate

  • To access the certificate, click the Go to Certificate Details button

  • You can download the certificate in .PFX, .CER, .CRT or .PEM formats.

image

  • You can also download the Certificate files required for installation in specific web servers (Apache, Apache Tomcat, NGINX, etc). The files include :

  • Certificate Private Key (.key)
  • Primary Certificate (.crt)
  • Intermediate Certificate (CA Bundle) (.crt)
  • Full Chain Certificate (.crt)

image

Certificate Installation

You will need to manually download and install your certificate in your web server. The following links provides instructions on how to install the certificate in a web server

Rate Limits

There is a rate limit of 1 SSL/TLS certificate per email per week.