Xolphin Wildcard Certificate & Laravel Forge

To work with Xolphin SSL certificates or any SSL certificates at Forge you need to take care of a few simple steps.

Self Signing Request

You need a self signing request. You can generate one from the command line using the SSL tool, but as you are using Laravel Forge you can do that from their dashboard under your site under the ssl tab:

If you are using a wildcard domain do use *.domain.com when filling in the domain details. After filling all in you can click on “create css”. I will add one. It will not be installed right away. You can click on the button to do that

Intermedia Certificates & Xolphin

When you click on install it will ask for the intermediate certificates:

intermediate certificates

For that you need to click on the copy icon to copy the generated CSR, go over to Xolphin, extend your certificate, add your CSR there to generate the actual private and public keys .


Make sure the email address attached to your Xolphin account works because it is needed to confirm request for new certificate with Comodo

You will get a Comodo email stating

Comodo has received a request to issue an SSL certificate for *.smart48.com.

Dear email address,
If you want to have this certificate issued, please browse to https://secure.trust-provider.com/products/EnterDCVCode?orderNumber=xxxxxxx and enter the following validation code:xxxxxxxxxxxxxxxxx-


You will have to click on link to go to Comodo page to enter the code to confirm. Once done you will see something like this

Afterwards Xolphin will send you an email all went well. The email will also contain the certificate.

SSL Certificate Installation

In the Linux folder in the zip file attached to the email there will be a certificate bundle. You can also download these from the Dolphin dashboard. You however only need the certificate for Forge. The intermediate ones will be loaded on the fly.

So add the .crt file in the modal text area , click install. The intermediate ones will be added. Once done you can activate the new certificate and the old one will be automatically deactivated.

To see the new certificate added you you may need to reload the browser or empty browser cache, but it should be working without issues.

Jasper Frumau

Jasper has been working with web frameworks and applications such as Laravel, Magento and his favorite CMS WordPress including Roots Trellis and Sage for more than a decade. He helps customers with web design and online marketing. Services provided are web design, ecommerce, SEO, content marketing. When Jasper is not coding, marketing a website, reading about the web or dreaming the internet of things he plays with his son, travels or run a few blocks.