Use these instructions to update the certificate signing request (CSR) on pending TLS and Secure Email certificate orders.
Order requirements
You can only update the CSR on pending certificate orders. Once your certificate is issued, you are restricted to viewing the CSR used to generate the certificate.
CSR Requirements
For your certificates to remain secure, they must use a 2048-bit or larger key size. Learn how to Create a CSR (Certificate Signing Request).
DigiCert TLS and Secure Email certificates support the following algorithms and key lengths:
RSA 2048, 3072, and 4096
ECC p-256 and p-384
Secure Email certificate requirements
You can only update the CSR on a pending Secure Email certificate order if you provided a CSR when you submitted the order. If you opted to provide the CSR later, there is no CSR to update. You must wait until we send the email with a link to generate the CSR and Secure Email certificate via the browser.
In CertCentral, in the left menu, select Certificates > Orders.
On the Orders page, in the Order # column, select the order number link for the pending certificate order.
On the Order details page, on the Details tab, in the Certificate status section, under What do you need to do, select the Upload CSR icon.
In the Upload CSR window, upload your CSR to or paste it into the Add your CSR box.
When copying the text from the CSR file, make sure to include the
-----BEGIN NEW CERTIFICATE REQUEST-----and-----END NEW CERTIFICATE REQUEST-----tags.Select Upload.
You successfully updated the CSR on your pending certificate order. We will use the public key from the new CSR to generate your certificate.