Upload
cheapsslsecurity
View
127
Download
1
Embed Size (px)
Citation preview
The Symantec API offers the capability to authenticate DV SSL/TLS Certificates via File and DNS Authentication: a Partner Solution with many benefits.
Symantec’s new authentication capabilities, available through our API, have been designed to drive faster issuance times. This will remove the customer as the bottleneck from the manual approval process and thereby support higher renewal rates and provide a better customer experience, whilst reducing SSL/TLS management costs for partners.
Symantec’s API provides capabilities to support automated SSL/TLS lifecycle management and offers automatedauthentication capability through DNS Auth and File Auththat support automated Enroll, Revoke, Reissue and Cancel Workflows which are fast, simple and flexible.
Symantec’s new authentication capabilities provide partners with a more efficient authentication process that offers benefits for both partners and customers:
Faster and simpler domainvalidation for partnersCut domain validation time to just seconds while increasingcustomer satisfaction with the Symantec Partner API andAutomated Authentication process.
Symantec provide authentication practices through a variety of WHOIS, File and DNS authentication capabilities. Traditional WHOIS authentication relies on manual processes that require user intervention and can lead to lower adoption rates, lower success rates, higher time for cert issuance and hence higher complexity for partners to offer their package/bundle to the end customer. With the Symantec Partner API, the automated workflow will reduce issuance time and even allow instant issuance at lower costs for Symantec WebsiteSecurity Partners.
Faster and more efficient
Seamless automation
Increased renewal rates
No reliance on manual interaction
Less costly follow ups
24/7 support
Simple and easy to integrate with necessary API
documentation and code library
Less error prone
Support for Reissue, Revoke, Cancel in addition to
Enroll which makes it easier for partners not only
to enroll but also to manage complete life cycle
HOW DOMAIN VALIDATION WORKS
Requestor submits order and an email is automatically generated to user's inbox for approval
If email is not responded to, Symantec representativehas to manually verify with requestor
If any of these steps cannot be completed by email, authorisation phone calls are required to verify the domain
name and ownership
Symantec completes a WHOIS lookup for the domain name to verify the ownership
Requestor receives and approves email
Manual Process
As demonstrated in the diagram above, a manual process can
include a number of human interactions in order to process the
order. This could lead to delays in order processing, lapsing of the
certificate validity (certificate expires) or multiple order cycles to
account for any human error.
Symantec World Headquarters 350 Ellis St., Mountain View, , CA 94043, USA
+1 (650) 527 8000, +1 (800) 721 3934
Email: [email protected]
Twitter: https://twitter.com/websecpartner
BENEFITS FOR PARTNERSAutomation leads to less reliance on manual processes which
should lead to lower support calls and save on time and
administration. Partners can make use of File Auth and DNS
auth not only for enrollment but also for reissue, cancel and
revoke so the whole life cycle management becomes easier.
Partners could see an increase in renewals and a decrease in
cancellation rates. Furthermore, certificates can be issued in
seconds. This results in greater satisfaction for both partners
and customers.
BENEFITS FOR CUSTOMERSSecure processes, domains and details preserved. A better,
simpler, streamlined experience leading to near automatic
issuance of certificates, allowing customers to get their
security solution in place more quickly.
DEVELOPER PORTALFor a seamless integration, we offer an online developer
portal with up-to-date documentation, recent updates and
even code libraries to kick-start your project!
HOW FILE AUTHENTICATION WORKS HOW DNS AUTHENTICATION WORKSAutomated Process
Copyright © 2016 Symantec Corporation. All Rights Reserved. Symantec, the Symantec
Logo, the Checkmark Logo, GeoTrust, the GeoTrust Logo, Thawte, and the Thawte logo
and RapidSSL logo are trademarks or registered trademarks of Symantec Corporation or
its affiliates in the U.S. and other countries. Other names may be trademarks of their
respective owners.
Symantec executes internal security checks consistent with the current process
The Certificate is issued
Symantec executes internal security checks
The Certificate is issued
The Partner selects the file authentication method through
an API Order Call
The Partner selects the DNS authentication method through
an API Order Call
The Partner generates the authentication file based on a shared secret and places it visible on the domain that is going to be
secured with the certificate
The Partner generates the authentication DNS string based on a shared secret and creates a
subdomain record on the domain that is going to be secured with the certificate, which points
to a specific CNAME record.
Symantec verifies the existence and contents of the file
Symantec verifies the existence and value of the DNS record
Automated Process
Ask your Symantec Account Manager for more information today!
To enable File Authentication or DNS Authentication, or both, please contact your Symantec representative for assistance.