Need to renew your DigiCert Code Signing certificate? Follow the steps below to renew your certificate.
Industry moved to RSA 3072-bit key minimum for code signing certificates
To comply with industry changes, DigiCert has made the following changes to our code signing certificate process:
eToken and HSM changes
DigiCert supports two eTokens:
*Note: All existing 2048-bit key code signing certificates issued before June 1, 2021, will remain active. You can continue to use these certificates to sign code until they expire.
If a certificate signing request (CSR) is required for your renewal order, best practice is to generate a new CSR when renewing a certificate. To remain secure, certificates must use an RSA 3072-bit or ECC P-256-bit key size or larger.
EV code signing
Sign in to your CertCentral account.
Fill out the certificate renewal order form.
Note: After you submit the renewal order, DigiCert will perform a quick cross-check verification. If your organization’s information was changed in the CSR, you may need to provide new documentation to verify the changes.
A certificate doesn't appear on the Expiring Certificates page until 90 days before it expires.
Once approved, we send an email to the certificate contact with certificate installation instructions.
If you submitted a CSR, we send the renewed certificate to the certificate contact in an email. You can also download the renewed certificate in your CertCentral account.
Use the instructions in the email to install and configure the new certificate. If you submitted a CSR, on your server or HSM, install the new certificate.
For more information about installing code signing and EV code signing certificates, see our Code Signing Support page.
DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.
©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.