Automatically Generate Unique IoT Device Certificates Using Prevalidated Domains

Introduction:

SSL.com provides a domain prevalidation capability that speeds up the process to issue certificates. The process is extended to all subdomains to the left of the validated domain.

Why is This Important:

SSL.com, in support of industry standards, will not issue an SSL/TLS certificate for a domain and its subdomains until it has been validated. Prevalidating a domain satisfies this requirement while speeding up the process.

With the growth of IoT devices on the internet, the challenge of properly securing thousands of devices can be overwhelming. The ability to prevalidate the domain not only speeds up the certificate issuing process but also provides a consolidated portal to manage large quantities of certificates.

How to Prevalidate a Domain:

  • Sign on to your SSL.com account.
  • Proceed to the Domains Tab and click to open.
  • You will find a secondary link titled [learn about pre-validating domains]
  • This references the process to follow.

If you choose to use the command line, an example sequence is here:

Please note, the redacted field is your secured account code and secret key.           

curl -k -H "Accept: application/json" -H "Content-type: application/json" -X POST -d "{\"account_key\":\"[REDACTED]\",\"secret_key\":\"[REDACTED]\",\"product\":\"105\",\"period\":\"365\",\"domains\":[\"*\"],\"csr\":\"-----BEGIN CERTIFICATE REQUEST-----\nMIICizCCAXUCAQAwGDEWMBQGA1UEAwwNKi55b3Vyc2l4LmNvbTCCASIwDQYJKoZI\r\nhvcNAQEBBQADggEPADCCAQoCggEBALzGjEr2bDEhAfTigBa61iqZ62mfXSvbfxBt\r\nrtA+i56ubTJdFR2FGfAps3RCODG4jeZKrq6H/CpiVj0mNWj6ajVL0E1XCJAhlzUB\r\niHy7SyfBek8LEHlfszOjvSRugIgxutAWPoGsPG9xGc7dNKbrT4/hoaeptcwfddto\r\n+4xwOj1Sf7g/Dip0BCAlv0FKVcNeXNcdXf0VbtX1Tuqig+6Re+a3atF3Z+i+63Df\r\nrKtiZfIMdVFJP10dMNBLZzw3J2b+nCy7Q+B3XhcO35yhP+gSFwxbxXfEG0STvq4n\r\nz3CBNBIbL1f4okgCsTCs2k58xXJ1VbH7PDNy6nxLPDt39EXQFgcCAwEAAaAwMC4G\r\nCSqGSIb3DQEJDjEhMB8wHQYDVR0OBBYEFG83RRDvaMH5UKQ5T7SL2C1zNd8yMAsG\r\nCSqGSIb3DQEBCwOCAQEAdVdxdLu1nOdAZ4q3XeHP+cBeEdVbp6EXJvOiTBG6VPqb\r\nUcvuixbSOx+qFyZ51Nx8XeP9dmWAejdhHW755iISBIAI1MXCiDftviGOuCBAYhJM\r\n2J6fi6bhSEcfcOVVdD1nZWzOUu+zwyeaita3on2wZKvTC6u+Ac7YnVGVYbJq6buM\r\nujWefRJ5Lo3eO/nZr9fwVCqEKA5T1HqeDg3EVwbkkBrY1YIGL7efrd4p1tE3KFOR\r\nLQGQMVHR/Z3w/7pcUvyKxFdy/1NLrw8pg1TuvK+Uln6e80aMCYHwKN1k8Ne/4v1t\r\nIYQTJO3TfhAjT+qni21CaZC1y20gFyOHhjODMgduZw==\n-----END CERTIFICATE REQUEST-----\n\"}" https://sws.sslpki.com/certificates

Conclusion:

  • Prevalidating a domain speeds up the process for certificate acquisitions.
  • Allows members of your team to order certs for any host in the domain and sets the stage for better tracking for upcoming and required revalidations.

Our Support Team is standing by to assist:

  • Chatline is available on the lower right of ssl.com 
  • Email is support@ssl.com 
  • Phone: 1+SSL-Certificate (1-775-237-8434)
Twitter
Facebook
LinkedIn
Reddit
Email

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.