Request duplicate certificate

To increase security and simplify the installation of the certificate across multiple servers, create a duplicate certificate for each server.

The details in the duplicate certificate will be the same as in the original certificate. Duplicate certificates never require DigiCert to revoke previous copies of your certificate.

Before you begin

  • Make sure the admin has enabled the duplicate certificate feature on your account.
  • Remove the approval step from the certificate order process.

By default, the duplicate certificate option will not be available in Automation. To get the feature added in Automation, you need to skip the order approval step.

If you choose not to skip the approval, you will not have the option within the automation to place a duplicate certificate request. However, you can always request a duplicate certificate using the manual workflow.

To remove the approval step:

  1. In your CertCentral account, in the left main menu, go to Settings > Preferences.
  2. Find and expand Advanced Settings.
  3. In the Certificate Requests > Approval Steps section, select Skip approval step: remove the approval step from your certificate order processes.
  4. Select Save Settings.
  • Adding extra SANs to a duplicate certificate request is only allowed for SSL Wildcard and Private SSL Wildcard product types.
  • Automation does not support bulk duplicate certificate issuance.
  • The validity of the duplicate certificate will be the remaining validity of the original certificate.

Request a duplicate of a new certificate

  1. Go to Automation > Automated IPs.

  2. Find the certificate you want to duplicate.

  3. In the Action column, select Request a certificate.

  4. On the automation request page, select Issue a duplicate certificate using an existing order.

  5. Enter Common names and/or SANs to find orders you can request a duplicate certificate for.

  6. Select the order you want to duplicate from the list of latest orders that match the Common names and SANS corresponding to the product type and organization of the selected automation profile.

  7. Provide the other required information and schedule the certificate automation.

Request a duplicate of an existing certificate due for renewal or switching to DigiCert

  1. Go to Automation > Automated IPs.

  2. Find the certificate you want to duplicate.

  3. In the Action column, select the appropriate link.

  4. On the automation request page, select Issue a duplicate certificate using an existing order.

  5. Select the order you want to duplicate from the list of latest orders that match the Common names and SANS corresponding to the product type and organization of the selected automation profile.

  6. Provide the other required information and schedule the certificate automation.

To avoid multiple order renewals, DigiCert issues a duplicate certificate of the product type using the latest renewed order available, instead of renewing the original order and the certificate.

For example, suppose you have an original certificate and a duplicate of the original certificate. Remember the Order ID will be the same for both the certificates, for example, 12345.

Assume the original certificate requires renewal. The automation will start the renewal and issue a new certificate with a new order ID (e.g., 67890).

If the duplicate certificate is due for renewal, and if Automation finds a corresponding most recent order available, DigiCert will issue a duplicate of the last renewed order (i.e., Order ID 67890) instead of renewing that duplicate certificate.

However, if there were no renewed orders available matching the criteria, automation will continue with the regular renewal workflow.

Similarly, with auto-renew enabled, a duplicate certificate will be automatically issued using the latest order if it finds the matching criteria. Otherwise, automation will continue with the regular automatic renewal workflow and issue a renewed certificate.