Available in Classic and VPC
This page describes the method and requirements for issuing a certificate.
Apply for certificate
To apply for a certificate:
- From the NAVER Cloud Platform console, navigate to Menu > Services > Security > Certificate Manager.
- Click the Certificate List menu.
- Click [Issue certificate].
- Select certificate types. The certificate types issued by Certificate Manager are Cloud Basic and Advanced.
Cloud Basic certificate
When the Issue certificate interface appears, proceed with the following steps in order:
1. Enter domain
Enter the certificate name and domain name.
- For Certificate name, enter a name that is different from other certificate names.
- These are types of domain names available for Domain name:
* FQDN (Example: www.example.com)
* Apex domain (Example: example.com)
* Wildcard domain (Example: *.example.com)
2. Validation method
Select how to validate the ownership of the domain you've applied for. Once you select a validation method at this stage, you cannot change it later.
- DNS validation: A method of validation if you have DNS editing permissions. For details, see DNS validation.
3. Review and request
Review the certificate information you requested and the validation method.
- If you selected DNS validation, a validation value is created to be entered in the DNS Record Type, Record Name, and Record Value after the application is complete. You can view the created validation value and validation status in the certificate details in the Certificate List.
4. Subscription completed
After the application is complete, the certificate status appears as In progress in the Certificate List.
Advanced certificate
When the Issue certificate interface appears, proceed with the following steps in order:
- 1. Enter domain
- 2. Enter organization information
- 3. Enter CSR
- 4. Select validation methods
- 5. Subscription period
- 6. Review and request
- 7. Subscription completed
1. Enter domain
Enter the certificate name and domain name.
- For Certificate name, enter a name that is different from other certificate names.
- These are types of domain names available for Domain name:
* FQDN (Example: www.example.com)
* Apex domain (Example: example.com)
* Wildcard domain (Example: *.example.com)
2. Enter organization information
The menu applies only to Advanced OV certificates. The menu doesn't appear in the Advanced DV certificate application.
Select organization information that will be included in the certificate.
- Only validated organization information can be viewed.
- You can add organizations in the Organizations menu.
3. Enter CSR
-
Copy and paste a CSR in PEM format.
- The CN field must have the same domain name as the domain entered.
- For OV certificates, organization validation information must be entered correctly in the O, C, ST, and L fields.
-
Click [Validate CSR] to run validation. Validation must succeed to proceed to the next step.
4. Select validation methods
Select how to validate the ownership of the domain you've applied for. Once you select a validation method at this stage, you cannot change it later.
- DNS validation: A method of validation if you have DNS editing permissions. For details, see DNS validation.
5. Subscription period
Select the subscription period for the certificate you are applying for. Once you select a validation method at this stage, you cannot change it later.
The differences between the subscription period and the certificate validity period are as follows:
| Type | Description |
|---|---|
| Subscription period | The certificate can be renewed and used throughout the subscription period. The subscription period is applied from the time the certificate is issued and does not apply during the issuance process. The selectable subscription period ranges from 1 year to 3 years. Charges are applied based on the subscription period selected at the time of certificate issuance. |
| Certificate validity period | The maximum validity period allowed for an individual certificate is determined by CA/B Forum policies, and all Public SSL/TLS CAs, including those issuing certificates through Certificate Manager, must comply with these policies. Within the subscription period, the certificate can be renewed to extend its validity by issuing a new certificate. |
6. Review and request
Review the certificate information you requested and the validation method.
- If you selected DNS validation, a validation value is created to be entered in the DNS Record Type, Record Name, and Record Value after the application is complete. You can view the created validation value and validation status in the certificate details in the Certificate List.
7. Subscription completed
After the application is complete, the certificate status appears as In progress in the Certificate List.
Conditions for certificate issuance
If validation is performed and the validation status of all applied domains is Succeeded, the certificate will be issued. If issued successfully, the certificate status appears as Normal, and information such as issuance date, authentication start date, and authentication end date in the certificate details is updated.
Validation status types include In progress, Succeeded, Timeout, and Failed.
Validation status
Validation status can be viewed in Certificate list > Certificate details.
| Validation status | Description |
|---|---|
| In progress | The validation value has been created using the domain ownership validation method selected during the certificate issuance request, and it is currently waiting for the validation results. |
| Succeeded | The domain ownership validation in progress has succeeded. |
| Timeout | 72 hours have passed while in the In Progress status. The domain ownership validation can no longer proceed after timeout. A new certificate issuance request is required. |
| Failed | The validation value creation failed using the domain ownership validation method selected during the certificate issuance request. The status may fail if email validation fails to send email or DNS validation fails to generate a normal validation value. |
Validation method
- If the validation method is DNS validation, 1 DNS validation value is created for each domain.
- After the certificate application is complete, Certificate Manager repeatedly checks for successful validation for 72 hours. If the validation for all domains you applied for succeeds, the validation status appears as Succeeded and the certificate is issued within minutes.
- If the validation does not succeed within 72 hours, the certificate status appears as Timeout and the certificate can no longer be issued. If the validation status is "Timeout," apply for a new certificate.