I have spoken to many customers were buying SSL certificates. Most have commissioned Vastspace for the entire process. From my experience, most have the impression that the SSL certificate can be done on the same day.
Whether it is done by yourselves or Vastspace the process is the same. I will explain the entire process, so you will get a better understanding.
A Paid SSL certificate is issued by the certificate authority, not Vastspace. All SSL certificate applied for that domain must be validated and the CSR from the origin must be submitted. The validation methods are; domain-validation, organization validation and extended validation. Each validation process is conducted by the CA. DV, domain validation has a shorter process. The ‘owner’ of the domain must approve that he or she has applied an SSL certificate for that domain.
Once CA has satisfied, they will issue the SSL certificate. This process is the fastest but it has lower insured value because it is domain validated. How soon? It depends on how soon the owner can approve for the DCV email sent to him or her.
I have seen DV SSL certificate took more than a month or even cancelled after the CSR was submitted. OV will validate the organization applied and buying the SSL certificate. The CA will print the organization name on the OV validated SSL certificate.
EV SSL certificate verification is the most extensive. The verification comprises the DV, OV and callback to verify the real person behind the business. Business telephone number published on the authorised websites will be used.
The EV SSL verification is very long-winded if the organization is not prepared for the process. Handled by an inexperienced sales guy can delay the entire process. Thus, I recommend asking and check with the vendor before you are buying an SSL certificate, especially for the EV SSL certificate.
Here is the link to understand more about different types of SSL certificates.