Skip to main content

Renew a RapidSSL Wildcard DV certificate

Notice

Industry standards change: End of 397-day maximum validity public TLS/SSL certificates

On February 24, 2026, DigiCert stopped issuing 397-day public DV, OV, and EV TLS/SSL and Qualified Website Authentication Certificates (QWAC) and QWAC PSD2 certificates. The new maximum TLS/SSL certificate validity is 199 days.

Learn more about the end of 397-day maximum validity public TLS/SSL certificates.

Renew your RapidSSL Wildcard DV certificate

  1. Create a CSR.

    To renew a certificate, you must create a certificate signing request (CSR). Certificates must use at least a 2048-bit key size. Learn more about generating a CSR.

  2. Find the certificate order.

    1. In CertCentral, in the left main menu, go to Certificates > Orders.

    2. On the Orders page, find the certificate that needs to be renewed.

    3. In the certificate's Order # column, select Quick view.

    4. In the Order # details panel (on the right side of the page), select Renew certificate.

  3. Add your CSR.

    On the Renew RapidSSL Wildcard DV Order page, use one of the following options to add your CSR:

    • Upload: Use this link to upload your CSR file to the Add your CSR box.

    • Enter: Use a text editor to open your CSR file. Copy the text, including the -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- tags, and enter it in to the Add your CSR box.

  4. Common name: We carry the common name over from the original certificate and add it to the Common name field. Make sure the common name is formatted correctly (*.example.com).

  5. Include both *.[your-domain].com and [your-domain].com in the certificate.

    When renewing a RapidSSL Wildcard DV certificate, we include the base domain in your certificate. To secure the wildcard domain entered in the Common name box, deselect Include both *.[your-domain].com and [your-domain].com in the certificate.

  6. Select a coverage length.

    With DigiCert annual plans (1-year orders), you get a 199-day certificate by default. See DigiCert annual plans.

  7. Set a validity period for the first TLS/SSL certificate in your order. You can select 199 day, Custom expiration date, or Custom length.

    • For a certificate with a shorter validity than the order, you must reissue your certificate to use the remaining validity on the order.

    • Certificate validity determines the length of the first certificate issued for the plan. If needed, you can change the validity period each time you reissue your certificate.

    Notice

    Industry standards dictate that the maximum validity period for all public TLS/SSL certificates is 199 days (approximately six months).

  8. Set advanced options. SHA-256 is the sole available hash algorithm for DV certificates.

  9. Select a DCV method to prove control of your domain. Before DigiCert can issue your DV certificate, you must demonstrate control over the domain on your certificate order. To learn more about the available methods, see Domain Control Validation (DCV) Methods.

    In the DCV verification method menu, select the method you want to use for the domain on the certificate order.

    • DNS TXT (recommended)

      Validate your domain by creating a DNS TXT record with a randomly generated value.

    • Email

      Validate your domain by following the instructions in a confirmation email sent for the domain.

    • File

      Validate your domain by hosting a fileauth.txt file with a randomly generated value at a predetermined location on your website.

    After submitting your certificate order, you can change the DCV method from the certificate's Order # details page, if needed.

    In the left menu, go to Certificates > Orders. On the Orders page, in the Order # column of the DV certificate order, select the order number link.

  10. Select the language for the DCV email. Did you select to validate your domain using email? This menu allows you to select a language.

  11. Add a technical contact. This is optional. However, we recommend adding another person to receive order emails, including the one with the certificate attached, and renewal notifications.

    1. In the Order details section, under Contacts, in the Technical contact box, select Add contact.

    2. In the Add Contact window, provide the contact’s information (first and last name, job title, phone, and email). Select Submit.

  12. Add notes and a renewal message. These are optional and aren’t included in the certificate.

    1. Expand Notes / renewal message.

    2. Comments to administrator: Add a note to the order that an administrator can see (for example, the reason the certificate was needed).

    3. Order-specific renewal message

  13. Select a payment method.

    • Pay with contract terms: This is the default payment method for customers with contracts.

    • Pay with credit card

    • Pay with account balance: To deposit funds, select Deposit.

      Notice

      The Deposit link takes you to another page in your CertCentral account. Any information entered in the request form isn't saved.

  14. Read the agreement and check I agree to the Certificate Service Agreement.

  15. Select Submit certificate request.

What's next

Before we can issue your certificate, the domain validation for the domains in the order must be complete. See Demonstrate control over domains on your SSL certificate order.

In this section: