If you place on order at thawte.com for a SSL certificate that uses less than 4 characters (for the CN/Common Name field), you will NOT be permitted to process your certificate.
The process you should use is:
- Enter in the user name: ZAVERISI-1 and Password: Password123
- Please click on “click here” under the “Enroll for Certificates”
- Select the duration of your choice
- enter in the CSR and the rest of the contact information (please leave the billing contact details as is)
According to Thawte’s technical support team, this isn’t a bug, it’s a feature…
This feature was added as a security block in our system to prevent customers from obtaining wildcards to cover all domains of a particular domain registrar, for example, *.com or *.net.
The way around this is for the customer to simply add an x after his 3 letter domain when enrolling. So the customer must get the wildcard for *.redx.com. This will allow the enrollment to complete. Once the order is in the system it is merely a case of contacting CS and asking them to remove the x after the domain. The wildcard will then be issued to the correct customer domain of *.red.com.
So, if you’re over at sun.com, ibm.com, x.com (bought paypal, then bought by ebay), msn, cia.gov, etc. Well, be careful when you’re buying your wildcard certificates.
We wouldn’t want to see Verisign’s gross margin’s eroded by implementing features like this properly, for example with a list of valid top level domains for each country.