The Symantec API offers the capability to authenticate DV SSL/TLS Certificates via File and DNS Authentication: a Partner Solution with many benefits.

Symantec’s new authentication capabilities, available through our API, have been designed to drive faster issuance times. This will remove the customer as the bottleneck from the manual approval process and thereby support higher renewal rates and provide a better customer experience, whilst reducing SSL/TLS management costs for partners.

Symantec’s API provides capabilities to support automated SSL/TLS lifecycle management and offers automatedauthentication capability through DNS Auth and File Auththat support automated Enroll, Revoke, Reissue and Cancel Workflows which are fast, simple and flexible.

Symantec’s new authentication capabilities provide partners with a more efficient authentication process that offers benefits for both partners and customers:

Faster and simpler domainvalidation for partnersCut domain validation time to just seconds while increasingcustomer satisfaction with the Symantec Partner API andAutomated Authentication process.

Symantec provide authentication practices through a variety of WHOIS, File and DNS authentication capabilities. Traditional WHOIS authentication relies on manual processes that require user intervention and can lead to lower adoption rates, lower success rates, higher time for cert issuance and hence higher complexity for partners to offer their package/bundle to the end customer. With the Symantec Partner API, the automated workflow will reduce issuance time and even allow instant issuance at lower costs for Symantec WebsiteSecurity Partners.

Faster and more efficient

Seamless automation

Increased renewal rates

No reliance on manual interaction

Less costly follow ups

24/7 support

Simple and easy to integrate with necessary API

documentation and code library

Less error prone

Support for Reissue, Revoke, Cancel in addition to

Enroll which makes it easier for partners not only

to enroll but also to manage complete life cycle

HOW DOMAIN VALIDATION WORKS

Requestor submits order and an email is automatically generated to user's inbox for approval

If email is not responded to, Symantec representativehas to manually verify with requestor

If any of these steps cannot be completed by email, authorisation phone calls are required to verify the domain

name and ownership

Symantec completes a WHOIS lookup for the domain name to verify the ownership

Requestor receives and approves email

Manual Process

As demonstrated in the diagram above, a manual process can

include a number of human interactions in order to process the

order. This could lead to delays in order processing, lapsing of the

certificate validity (certificate expires) or multiple order cycles to

account for any human error.

Symantec World Headquarters 350 Ellis St., Mountain View, , CA 94043, USA

+1 (650) 527 8000, +1 (800) 721 3934

Email: website_security@symantec.com

Twitter: https://twitter.com/websecpartner

BENEFITS FOR PARTNERSAutomation leads to less reliance on manual processes which

should lead to lower support calls and save on time and

administration. Partners can make use of File Auth and DNS

auth not only for enrollment but also for reissue, cancel and

revoke so the whole life cycle management becomes easier.

Partners could see an increase in renewals and a decrease in

cancellation rates. Furthermore, certificates can be issued in

seconds. This results in greater satisfaction for both partners

and customers.

BENEFITS FOR CUSTOMERSSecure processes, domains and details preserved. A better,

simpler, streamlined experience leading to near automatic

issuance of certificates, allowing customers to get their

security solution in place more quickly.

DEVELOPER PORTALFor a seamless integration, we offer an online developer

portal with up-to-date documentation, recent updates and

even code libraries to kick-start your project!

HOW FILE AUTHENTICATION WORKS HOW DNS AUTHENTICATION WORKSAutomated Process

Copyright © 2016 Symantec Corporation. All Rights Reserved. Symantec, the Symantec

Logo, the Checkmark Logo, GeoTrust, the GeoTrust Logo, Thawte, and the Thawte logo

and RapidSSL logo are trademarks or registered trademarks of Symantec Corporation or

its affiliates in the U.S. and other countries. Other names may be trademarks of their

respective owners.

Symantec executes internal security checks consistent with the current process

The Certificate is issued

Symantec executes internal security checks

The Certificate is issued

The Partner selects the file authentication method through

an API Order Call

The Partner selects the DNS authentication method through

an API Order Call

The Partner generates the authentication file based on a shared secret and places it visible on the domain that is going to be

secured with the certificate

The Partner generates the authentication DNS string based on a shared secret and creates a

subdomain record on the domain that is going to be secured with the certificate, which points

to a specific CNAME record.

Symantec verifies the existence and contents of the file

Symantec verifies the existence and value of the DNS record

Automated Process

Ask your Symantec Account Manager for more information today!

To enable File Authentication or DNS Authentication, or both, please contact your Symantec representative for assistance.