Hello,

1) We have noticed the issue and it is already fixed from our developers. Now when you enter the hostname with www, the approval emails are generated correctly (without www).

The approval email can be send only from us, since we are managing the billing of your clients and you are not able to send a custom email yourself.
We do not trace such rejected approval emails because they are automatically send by the system and we do not receive the bounce messages.
If the approval email is not valid and the client has not approved/received the SSL certificate he/she will contact us via ticket and we will help him/her to verify/receive and install the SSL certificate.

2) The SSL certificate is always valid for both the domain name ( domain.com ) and the www subdomain ( www.domain.com ) even if you have not included the www subdomain in the hostname when ordering the SSL certificate.

The approval email address cannot be a custom email address. This is a restriction of the SSL vendor.

3) When someone orders only a SSL Certificate, he/she will get a billing account, the same as when ordering just a domain name registration, from where he/she can renew the SSL certificate.
From the billing account they can order a domain name registration as well or even upgrade it to a hosting account.

Best Regards,
Cvetan Ivanov

1.) OK, I now see your developers have fixed it. Thank you. Also I appreciate your response in how you will handle bounced/rejected approver emails etc…….because I can see this happening sometimes due to fact the SSL vendor restricts being able to input a custom approver email address. I understand why the vendor has to do this - because it’s a domain validated SSL. It is what it is. At least I now know a little more how you will handle such bounced emails etc……..which in turn helps me adjust my site accordingly.

2.) Unless something has changed since you switched vendors from Rapid SSL to Comodo Positive SSL (and I’m happy you switched vendors, I like Comodo) - I don’t believe what you said is accurate. I actually ordered an SSL in the past “without” including the “www” in the hostname and the SSL turned out to be “only” valid for (domain.com) - the sub-domain (www.domain.com) was not valid. I then had to “re-order” a new SSL certificate and make sure I included the “www” in the hostname so it would “now” be valid for “both” (domain.com) and the sub-domain (www.domain.com).

-So has something changed in your automated ordering system or since you switched SSL vendors where “not” having to include the “www” in the hostname while ordering SSL’s will STILL produce an SSL that is valid for “both” (domain.com) and (www.domain.com)? Please confirm for accuracy, because in the past I have experienced otherwise.

-Important: Also I have noticed that the “order form” when directly visiting a store master theme site does a better job at pulling in the actual whois email address for a domain (hostname) versus the “order form” from within the RSP CP. In other words: the order form at https://checkout.duoservers.com is doing a better job at pulling in the actual “whois email address” for a hostname than the order form at https://cp.resellerspanel.com/orders/new/ when ordering an SSL Certificate. I don’t know why? Try inputting: (example: www.xtremefitness.com) for the hostname at “both” order forms. The order from at https://checkout.duoservers.com will pull in the actual whois email address of: passage111 (at) aol.com whereas the order form within the RSP CP at https://cp.resellerspanel.com/orders/new/ will “not” pull in any whois email address for: (example: www.xtremefitness.com) hostname. I don’t know why? Can you investigate and/or fix this for the RSP CP order form when ordering SSL’s?

3.) That is good. Perfect. Thank you for confirming this for me.

So for numbers 1 and 3 above I am now good.

Can you please investigate/confirm my questions regarding number 2 above. Especially the order form discrepancies regarding pulling in whois email addresses for hostname domains?

Hello,

Yes, my statement is valid for the new Comodo Positive SSL certificates. It doesn't matter if you order the SSL for www.domain.com or for just domain.com the SSL will be valid for both.

We have also fixed the issue with the fetching of the whois email address.

Best Regards,
Cvetan Ivanov

Great!! I see you have indeed fixed the fetching of the whois email address for the RSP CP order form. Thank you very much.

I'm certainly happy your statement is in fact valid for the new Comodo Positive SSL certificates. It's so much easier to not have to worry about inputting "www" vs "non-www" for the hostname - it's nice knowing they'll "both" be valid with the Comodo SSL no matter how you type it in. That's great news!!! Thank you.

I am not sure about that.

If you order an SSL for www.domain.com it will be valid for both - www.domain.com and domain.com, but if you order it for domain.com - it will be valid for domain.com only. So it is always better to go with www.domain.com

At least that's with the Comodo PositiveSSL Certificate (it could depend on the vendor as well).

Hello Tom,

Long time no see.

The following is a Comodo PositiveSSL certificate recently ordered for a client:


You can verify that www.rentcbf.com is listed in the SANs (Subject Alternative Name) list. All hosts listed in there are also protected from this SSL certificate.

The SSL certificate is currently installed so you can verify that on your end.

Best Regards,
Cvetan Ivanov

True that, I just checked few of mines. Wasn't the case few months ago.

Nice to see you Cvetan

That was a smart move switching to Comodo PositiveSSL Certificates. They are pretty popular certificates right now and they make a lot more sense validating both www and non-www regardless of how you happen to type it into the hostname field.

But just make sure you have already chosen what version, www vs non-www, you want to use for your site before typing that version into the hostname field. Even though both versions will certainly be validated, you will still want your "common name" (see above) to be the version, www vs non-www, you have chosen to present to the world (and google).

In other words, you don't want your site 301 redirecting to the https://example.com version of your site but the certificate was actually issued to the https://www.example.com version of your site - regardless of the fact that both versions are validated.

It's still much better that Comodo possitiveSSL will validate both (always) - just make sure the common name matches the version of your site you chose to present to the world. It just helps Google also understand this is the version of your site you want them to index and it just looks better overall.

The old certificate through me off when ordering a new Comodo PositiveSSL certificate because I thought it still worked like the old Rapid SSL certificate and this is something I'm needing to fix for myself. Don't know if it's possible to switch the "common name" on an "existing Comodo PositiveSSL certificate" from the www.example.com version to the example.com version. Of course still have both versions validated - but just flip flop the "common name?"