If you are reissuing your Extended Validation Code Signing (EV CS) certificate for an HSM device, you must submit a certificate signing request (CSR) with your request.
Only HSM devices require you to submit a CSR with your request. The EV CS secure token reissue form doesn't include an option for submitting a CSR.
To remain secure, certificates must use at least a 2048-bit key size. Refer to your HSM provider's documentation to create the CSR for your request.
In your CertCentral account, in the left main menu, go to Certificate > Orders.
On the Orders page, in the Order # column, click the Quick View link for the EV Code Signing certificate you want to reissue.
In the Order # details pane (on the right), click Reissue Certificate.
HSM devices only – If you are using a secure token, skip to step 5.
On the Reissue Certificate for Order page, upload or paste your CSR in the Add Your CSR box.
Only HSM devices require you to submit a CSR with your request; this option does not appear on the form if you are using a secure token.
In the dropdown, select a signature hash for the certificate: SHA-256 or SHA-1.
Select the platform you want to use your reissued certificate with.
Reason for Reissue
Specify the reason for the certificate reissue.
Click Request Reissue.
An approval for your EV CS certificate reissue may be required. If an approval is required, the EV CS verified contact for the organization is sent an email informing them that they need to approve the certificate reissue request. Once we receive their approval, we'll reissue your EV Code Signing certificate.
After we reissue your EV Code Signing certificate, you'll need to install it. See Installing your DigiCert® EV Code Signing Certificate onto a Secure Token instructions.
Then, you can start signing code. See EV Authenticode® Program Signing & Timestamping Using SignTool instructions.
DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.
©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.