These instructions apply to the following Client certificate types:
The general process for issuing Client certificates is:
The below instructions apply to renewing a Premium certificate; differences for other Client certificate types are noted.
Any custom fields your company/organization added will not be documented.
If required, create your CSR.
To learn how to create a CSR, see Create a CSR (Certificate Signing Request).
Note: To remain secure, certificates must use 2048-bit keys.
In your CertCentral account, in the sidebar menu, click Certificates > Orders.
On the Orders page, use the drop-down lists, search box, advanced search features (Show Advanced Search), and column headers to locate the Premium client certificate you need to reissue.
Click Quick View, in the Order # column, for the certificate you want to renew.
Click Renew Certificate in the Order details panel.
On the Request a Client Certificate page, under Certificate Settings, provide the certificate details for your renewal.
Select how often you want the certificate to be automatically renewed from the Automatic Renewal drop-down (under Order Options).
Under Certificate(s) to Request, enter the details for the recipient.
Your CSR must include the
-----BEGIN NEW CERTIFICATE REQUEST----- and
-----END NEW CERTIFICATE REQUEST----- tags.
To add additional Client certificate recipients, click Add Another Certificate and enter the recipient’s details.
Choose your payment information.
Note: If you need to deposit funds before continuing with the certificate order (clicking the Deposit link), your progress will not be saved.
Read and understand the Certificate Services Agreement, and check I agree to the Certificate Services Agreement above.
Click Submit Request.
You'll be taken to the certificate’s Manage Order # page where you can see the status of the email address verifications.
Each email address listed in the certificate request is sent an email that contains a link so that the recipient can validate that they own that email address. If the certificate recipient loses a validation email, you can resend it. See How to Resend an Email Validation for DigiCert "Client Certificate" Email.
On the Orders page (Certificates > Orders), the certificate should be listed with the Status of Pending.
After all email addresses are validated, a link will be sent to the first email address on the list so that the recipient can create their Client certificate.
Note: If you submitted a CSR, then the Client certificate will be attached to the final email.
For instructions on how to install the Client certificate, see (Windows) Importing Your Personal ID Certificate.