BIGSEA supports SSL certificates issued by Verisign
Please be aware that the company you choose will bill
for a Digital ID. Pricing is per fully-qualified
|Initial Digital ID, first year: US$349
Renewal Digital ID, annually: US$249
NOTE: $249 applies to renewals of all IDs issued after
8/18/97. IDs issued between 8/18/96 and 8/18/97
can be renewed for
Initial Digital ID, first year: US$125
Renewal Digital ID, annually: US$100
More pricing info
|**Pricing for Digital
IDs is not set or collected by BIGSEA -- Be sure to check the
section of the company you chose prior to submitting SSL
requests to confirm
the latest pricing.
A note regarding transfers of existing certificates...
If you wish to transfer an existing certificate
provider to BIGSEA, the certificate can be transferred if it
is coming from an existing Irix box
running Stronghold SSL software.
The current system admininstrators will need to provide
us [via the user or reseller] with the private keys as well
as the current
certificate. This information must be submitted to
BIGSEA's Technical Support department via
If this cannot be done, a new CSR will need to be
the steps outlined below will need to be followed.
If you would like to obtain your own certificate,
follow these steps:
Complete our Information Form
Fill-out and submit one of the following information
forms to begin
For UNIX hosting accounts:
For NT hosting accounts:
A description of required form fields is listed
The forms listed
above can used
to submit requests for both Verisign -AND- Thawte
Please remember that ALL fields on an SSL request
If any fields are left blank, we cannot generate the CSR.
offender for this is the 'Organizational Unit' field. If your
client does not have a specific organizational unit, we
suggest using something like 'Secure Services Division'.
Incomplete form submissions will
be returned with a request to resubmit accordingly
via e-mail from BIGSEA
After completing our form, we will gather information
site and generate an encrypted Certificate Signing
The newly generated CSR will be returned to you via
At the same time, a 30-day temporary SSL certificate
on the server. This certificate will expire in 30 days of the
date you filled out the form. During this period of time
visitors will be able to access your website securely,
however, visitors will also be able to detect that a
temporary certificate is in place.
In addition, visitors may also encounter a message
that their web browser does not recognize the authority
its Certificate. Regardless, it is very important that the
steps of this procedure be completed in a timely
Submit your "CSR"
to the Verisign or Thawte
Once you have received the CSR, you will need visit
or Thawte's website to instigate the enrollment
some point in the enrollment process, you will be
prompted to submit
the new CSR through their enrollment form. The
forms can be found at the following locations:
The company you have chosen will generate an
encrypted server "key"
and send that to you via email.
When prompted for
the Server Software
Vendor, enter "Stronghold C2Net" If
this type is
not specified, select "Apache
Verisign is currently displaying a message which
the certificate that you are requesting uses a 512 byte key
which is insecure". We are advising customers to
submit a request
for the 512 byte key. The key is still very secure and going
to a 768 or 1024 byte key will not increase security
it will impact performance as the stronger encrytion takes
longer. We are researching the impact of upgrading our
servers from 512
byte to 768 or 1024 byte keys.
Receive your server
"key" and send it to
You should receive your server "key" via
either Verisign or Thawte shortly after you submitted your
in step 3 above. Send the "key" to
to be installed on the server. Once
completed, your certificate is then activated and you will
be able to SSL with your own certificate. You will
receive a notice of completion from Technical Support
when the certificate is activated.
Explanation of the
form fields you will need to complete:
All fields are
Common Name: Your website's
fully qualified domain name (e.g. <a
href="http://www.samplecompany.com">www.samplecompany.com). The domain
name must be registered to the organization specified in
You cannot use the symbols "*" or "?" as part
of your Common Name.
Organization/Company: The legal
name under which
your organization is registered. Do NOT
Organizational Unit: This is used to
between organizational divisions. A DBA (Doing
entry is acceptable -or- "Secure Services
is commonly used. Do NOT abbreviate.
City/Locality: Required for
only at the local level. Do NOT abbreviate.
State/Province: The complete name
of the state
or province in which your organization is located.
Country: The two-character
code (e.g. GB for Great Britain, US for the United
Click here for a <a
href="http://digitalid.verisign.com/ccodes.html">list of valid country codes.
E-mail Address: Your
"CSR" will be sent
to this address.
Technical Contact: The person who
the certificate and who will provide notice if the Digital ID
is compromised. For example, this may be your
webmaster or the appropriate technical support
representative at your Internet Service Provider.
Renewal notices are sent to
both the technical and organizational contacts.
Organizational Contact: The person
organization who will take responsibility for the certificate
and provide organizational information. For
example, this may be your organization's CEO or the
appropriate support person. The
organizational contact must be a member of your
a representative of your Internet Service Provider.
Renewal notices are sent to both the technical and
return to Step 1
A collection of electronic data consisting of a
Public Key, identifying information about the owner of
the Public Key, and validity information, which has been
Digitally Signed by a CA. Certified shall refer to the
condition of having been issued a valid
Digital ID by a CA, which Digital ID has not been
Digital ID Revocation List
A collection of electronic data containing
information concerning revoked Digital IDs.
Certification Authority ("CA")
VeriSign or an entity which is Certified by
VeriSign to issue Digital IDs to Users in a VeriSign
Digital ID Hierarchy. VeriSign is Customer's CA
Information encrypted with a Private Key which
is appended to electronic data to identify the owner of
the Private Key and verify the integrity of the electronic
data. Digitally Signed shall refer to electronic data to
which a Digital Signature has been appended.
A mathematical key which is kept private to the
owner and which is used to create Digital Signatures or
to decrypt electronic data.
A mathematical key which is available publicly
and which is used to verify Digital Signatures created
with the matched Private Key and to encrypt electronic
data which can only be decrypted using
the matched Private Key.
return to top