Secure Email Certificate Support

What is SSL?
Secure Sockets Layer, SSL, is the standard security technology for creating an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remains private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers. In order to generate an SSL link, a web server requires an SSL Certificate. Enterprise SSL is such a Certificate, and when installed, can create secure links to protect transactions, passwords, personal details, etc.

Why does an Enterprise SSL Certificate cost considerably less than other Certification Authorities?
Enterprise SSL has direct access to the IdAuthority, the largest commercial directory on the web. Enterprise SSL can therefore expedite the validation of an application. This efficient and highly effective validation method ensures we can issue a Certificate at a greatly reduced cost (as reflected through our guaranteed lowest price in the industry) as well as maintain a level of validation far superior to the methods employed by other SSL providers. In particular, the validation process employed to issue Comodo Enterprise SSL Certificates is considerably more than just a domain name ownership check - we firmly believe this method alone to be insufficient to maintain the level of integrity in SSL that consumers have come to expect.

If you would like to compare our pricing to other providers, consult read the CA Comparison Chart.

Where can I find out more about the validation, issuance and management process?
As a commercial Certificate Authority, Comodo publishes a Certification Practice Statement. This policy document is available here.

Will Enterprise SSL Certificates work correctly with my customer's browsers?
In order for your customer's browser to seamlessly use an Enterprise SSL Certificate, they must trust our 'Root Certificate'. Our Root (provided by Baltimore Technologies) is trusted by over 99.9% of all current browsers (see browser compatibility details), comprising all Internet Explorer 5.00 and above, Firefox 0.1 and above and AOL 5 and above and comes pre-installed with all Windows 2000, Windows XP and Windows Vista operating systems. This browser compatibility makes Enterprise SSL as trusted as Verisign and Thawte.

What is the difference between the SSL Certificates available through
We have outlined all the key differences in table format for your convenience - just click here to view.

What does the Warranty actually mean?
We believe it is important to protect the end user. If we were to mis-issue a certificate to a fraudulent site, and that fraudulent site has an SSL link with an end user and as a result of this the end user loses money. The end user had what they thought was a "trusted session". Comodo should never have provided the fraudster with the ability to engineer this situation. Hence, we have taken out insurance to pay out money to the end user. How can we do this?

1. We value the end customer
2. We believe the insurance provided greater peace of mind hence allows the merchant to sell more products
3. Most importantly, we value our validation techniques (delivered through

We pre-validate customers and provide validation that is far higher than the majority of other SSL providers. Some CA's have very weak validation hence they decide NOT to offer insurance! Finally, it is worth pointing out, that we offer high validation, but not at the compromise of speed. You can still obtain SSL instantly.

I want an increased Warranty on my Enterprise SSL Certificate - how can I get this?
If you require an increased warranty on your SSL Certificate, choose from the Gold SSL or Platinum SSL Certificates option. This provides a greatly increased warranty of $2500 and $10,000 respectively.

How long does it take to process my application?
Provided we have sufficient validation information available through the IdAuthority (as described in our CPS), your Enterprise SSL certificate can be issued in only minutes. If additional verification processes must be used to validate your application, the issuance process may take slightly longer. In such cases we guarantee that the Certificate is issued within 2 working days. Please contact us directly to expedite your Order should it be urgent.

Why am I asked about VAT?
Comodo, the organization behind Enterprise SSL is a worldwide company with a base in the United Kingdom. We must therefore determine if we are to charge VAT (Value Added Tax) on the advertised price of the sale. Only United Kingdom and European companies without a valid VAT number will be charged VAT. If you are outside of the European Union, be sure to choose "Outside EU" in the VAT options in the application pages to avoid being charged VAT.

Under what circumstances would you get 'Invalid VAT number details?
A value is entered in the VAT number field, but 'Non-EU is selected.

Which versions of the SSL protocol is Enterprise SSL compatible with?
Enterprise SSL is compatible with any browsers and web servers using SSL version 3 - the de facto SSL implementation. SSL version 1 and version 2 have been superseded by version 3 for a number of years, mainly due to the inherent security flaws found in these old versions. All web browsers developed after Internet Explorer 3 and Netscape 3 use SSL version 3 (however still support older SSL protocol versions). If your web server is only capable of supporting versions 1 and 2 of the SSL protocol, we strongly recommend you contact your web server software vendor for an update - these protocols are flawed.

Do Comodo SSL certificates only support 128 bit encryption?
No, they support the key size as determined by the web server or browser, if the web server or browser can only negotiate 40 or 56 bit then this is session that is established

What is strong encryption?
This is another term for 128 bit encryption. All Enterprise SSL certificates are strong encryption.

What is SGC?
SGC is Server Gated Cryptography. It provides the ability for a certificate to 'up-rate' older browsers that are only capable of weak, 40 bit encryption to ultra-secure 128/256 bit encryption without the need to upgrade. It was introduced at a time when stringent US encryption export laws would only allow browsers to encrypt 40 bit levels. Understandably, there are a significant number of internet users that still use these older browsers.

I am not a company. Can I apply for a Certificate?
Yes, anyone wishing to provide a confidential and secure link between server and customer's browser can apply for a certificate

When I generate a CSR what do I put in the Common Name field?
The Common Name field contains the domain or server name. Do not include http:// or before the name or any subfolders indicated by the / after the domain name

I ordered my certificate but chose the wrong type of web server, do I need to re-apply?
The web server details are for our records and support purposes only. The certificates are the same format irrelevant of the web server chosen.

How can I learn the status of my application?
Contact support at with your order number and a member of the team will be happy to update you

I have made a mistake in my application
If you have already submitted your application, please contact quoting your Order Number and details of the mistake. In some cases you may need to submit a replacement CSR.

Can I apply for a certificate for each sub-domain of the main domain?
Yes, but it can be simpler and more cost effective to open an account as an Enterprise Public Key Infrastructure Manager (EPKI Manager). For more information, please contact
It may also be more cost effective to use a Wildcard certificate which protects all sub-domains below the primary named domain. For more information, please contact