Skip to main content

Basic and business TLS/SSL certificate enrollment

Important

Industry standards are changing: End of 2-year public TLS/SSL certificates

On August 27, 2020, 5:59 PM MDT (23:59 UTC), DigiCert stopped issuing public DV, OV, and EV TLS/SSL certificates with a maximum validity greater than 397 days. We did this because of the industry’s move away from 2-year public TLS/SSL certificates. For more information about this change, see End of 2-year DV, OV, and EV public certificates.

You can now only purchase 1-year public TLS/SSL certificates. However, to maximize your TLS/SSL coverage, purchase your new certificates with a DigiCert® Multi-year Plan. For more information about these plans, see Multi-year Plans.

Your CertCentral account includes Basic SSL and Business SSL certificates. Managing your TLS/SSL certificates throughout their lifecycle may include some or all of these tasks:

Order TLS/SSL certificates

  • Basic SSL Certificates:

    Standard SSL, EV SSL, Multi-Domain SSL, EV Multi-Domain, and Wildcard SSL

  • Business SSL Certificates:

    • Secure Site Pro SSL and Secure Site Pro EV

    • Secure Site SSL, Secure Site EV SSL, Secure Site Multi-Domain SSL, Secure Site EV Multi-Domain SSL, and Secure Site Wildcard SSL

Cancel orders

When needed, you can cancel a pending TLS/SSL certificate order, before we issue the certificate.

Check order status

Check the status of your TLS/SSL certificate orders.

Complete domain control validation (DCV)

Before DigiCert can issue your TLS/SSL certificate, you must prove control over the domains on the order. Supported DCV methods for DV certificate orders are:

  • Email

  • DNS TXT

  • DNS CNAME

  • HTTP Practical Demonstration

Organization validation

When ordering Organization Validation (OV) and Extended Validation (EV) TLS/SSL certificates, DigiCert must validate the organization included on the certificate order.

The difference between the EV and the OV certificates' issuance process is the degree of organization verification (validation) DigiCert does for the certificate type. For EV certificates, the organization validation is more thorough and includes some additional checks. See Certificate Validation Process from DigiCert.

For OV and EV certificates, organizations must be revalidated every 397 days (13 months).

Access issued certificates

To access an issued TLS/SSL certificate, download it from your CertCentral account. You can also email the certificate from your account.

Reissue certificates

Reissue a TLS/SSL certificate to replace the existing certificate with a new one that has different information (for example, add another SAN to a multi-domain certificate).

Cancel reissues orders

When needed, you can cancel a pending reissue request on an TLS/SSL certificate, before we issue the certificate.

Renew certificates

Renew an expiring or expired TLS/SSL certificate order.

Note

Basic CertCentral accounts don't support organization or domain pre-validation. If the validation has expired when you go to renew a certificate, you must demonstrate control over the domains on the renewal order and DigiCert must revalidate the organization.

Revoke certificates

Certificate revocation is a three-step process:

  1. Submit a certificate revocation request.

  2. An administrator must approve the revocation request.

  3. DigiCert revokes the certificate.

In this section: