Setting Up a User-Managed SSL Certificate (SSL Business / SSL Business Plus)

For customers with a Server, 1&1 IONOS Instant Domain or 1&1 IONOS SSL package

By setting up a user-managed SSL certificate, you will receive your personal private key. During the setup process, the certificate is applied for at the certification body GeoTrust and issued to the desired domain after successful authentication (validation).

This applies to the following:

Your contract contains a user-managed SSL certificate that has not yet been set up:

  • GeoTrust True BusinessID ( SSL Business), or
  • GeoTrust True BusinessID Wildcard ( SSL Business Wildcard)
Step 1

Log on to 1&1 IONOS and select the relevant contract.

Step 2

In the Domains pane, click Manage SSL Certificates.

step 3

In the overview, click the SSL certificate you want to set up.

Step 4

Under Domain Assignment, select the domain or subdomain (depending on the certificate type) to which the certificate is to be issued.

Step 5

Check the details of your company and adjust them if necessary. Make sure that the company and technical contact details are correct as the certification authority will attempt to contact them during the authentication process.

Please note: Any change in the company's name that is made at this point will also be transmitted to the WHOIS database and will therefore be publicly visible.

Step 6

Read and confirm the Terms of Use and click Set Up SSL Certificate.

Step 7

Click Download Private Key and save the private key on your computer.

Please note: Keep the private key safe, because without the private key you cannot use the SSL certificate! For security reasons, neither 1&1 IONOS nor GeoTrust stores the private key and therefore cannot request it again. In the event of loss, the SSL certificate must be reissued through SSL Management (this generates a new key pair).

The certification authority (CA) will now check whether the domain in question belongs to the applicant company. Finally, verification is carried out by telephone contact.

Once the company validation is complete, you can download and install the SSL Certificate on your server. For more information, see Installing an SSL Certificate on the Server.

Stages of validation - briefly explained

The examination by the certification body takes place in several steps:

  • Company
    Authentication
    The Certification Authority (GeoTrust) matches the company name, registration and security status of the company specified in the Certificate Signing Request with the appropriate registration authority of the country, state or (in some cases) the jurisdiction of the city. Public information is also looked up on the Internet.
  • Domain
    authentication
    The certification authority checks whether the domain name in question is registered on the registered company name in a publicly accessible WHOIS database. If the domain name is not registered for the registered company name, alternative:
    - a legally valid proof can
    be provided - proof of usage rights for the domain name can be provided, or
    - additional documents can be provided.
  • Telephone verification
    As final identity authentication, the certification authority calls the company contact specified in the domain whois. The call can also be answered by another person in the company.
    If the certification authority does not reach anyone, either a voice message will be left on the contact's answering machine or an email will be sent by GeoTrust with further instructions. This includes information on how to contact the certification body to complete the verification.