What's wrong with traditional provisioning?

Despite years of innovation, SSL server certificates are still sold and installed using the same difficult processes and tools of a decade ago.

These disjoint processes do not communicate, and errors introduced in one process may not be discovered until a later process starts, when they are difficult to fix.

Process	Typical Tool
Create the CSR (Certificate Signing Request).	Command line tool, such as OpenSSL
Submit the CSR to you, the Certificate Authority (CA).	Your Web site
Install the signed certificate on the Web server.	Web server and a text editor

Common problems include:

creating a CSR for the domain name instead of the www host name
creating a CSR with an invalid country code, such as UK instead of GM

You detect these problems, created by a third-party tool, when you process the CSR. Your support team must then explain to a very frustrated and confused customer how to fix his problem.

Simply fixing a single symptom of this problem, such as providing a GUI interface to OpenSSL, is insufficient, because it does not solve the underlying issue, which is lack of integration. The required solution must be comprehensive -- integrating and facilitating all the required tasks. CertInstaller is the solution.

Traditional Provisioning

1.	Create a keypair with OpenSSL.
2.	Generate a CSR with OpenSSL.
3.	Go to the CA’s Web site.
4.	Enter info for the certificate.
5.	Paste the CSR into the Web site.
6.	Perform an e-commerce transaction.
7.	Respond to the CA’s vetting request.
8.	Receive an e-mail from the CA.
9.	Click a link in the e-mail.
10.	Download the certificate.
11.	Copy certificate to Web server.
12.	Configure the Web server.
13.	Restart the Web server.