Skip to main content

Reissue a GeoTrust Wildcard DV certificate

Important

Industry standards change: End of 2-year public SSL/TLS certificates

On August 27, 2020, DigiCert stopped issuing public DV, OV, and EV SSL/TLS certificates with a maximum validity greater than 397 days.

Now, 2-year public SSL/TLS certificate reissues have a max validity of 397 days. This means some reissued certificates will expire before the order expires. To use the remaining validity included with the original certificate, reissue certificates during the order's final 397-day period.

To learn more, see End of 2-year DV, OV, and EV public SSL/TLS certificates.

GeoTrust Wildcard DV certificates use Subject Alternative Names (SANs) to let you secure up to 250 domains. The SANs must be a wildcard domain (*.example.com) or based on your listed wildcard domains (mail.example.com). Adding SANs to a GeoTrust Wildcard DV certificate order may incur additional costs.

  1. Create a Certificate Signing Request: This is required to complete the reissue order. To remain secure, certificates must use at least a 2048-bit key size. Need help creating a CSR? See Create a CSR (Certificate Signing Request).

  2. In your CertCentral account, in the sidebar menu, select Certificates > Orders.

  3. On the Orders page, use the dropdown lists, search box, advanced search features (Show advanced search link), and column headers to find the GeoTrust Wildcard DV certificate you want to reissue.

  4. In the certificate’s Order # column, select Quick view.

  5. In the Order details pane (on the right side of the page), select Reissue certificate.

  6. Add your CSR. We take the common name and any SANs included in your CSR and add them to the Common name and Other hostnames (SANs) fields.

    On the Reissue certificate for order page, use one of the options below to add your CSR:

    • Upload a CSR: Select the link to upload your CSR file to the Add your CSR box.

    • Paste CSR: Use a text editor to open your CSR file. Copy the text, including the -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- tags, and paste it into the Add your CSR box.

  7. Common name: We take the common name included in your CSR and add it to the Common name field.

    Changing the common name when reissuing a GeoTrust Wildcard DV certificate automatically revokes the original certificate and any previous reissues, unless you add the old common name as a SAN on the reissued certificate.

    To add or change the common name, manually enter the domain you want the DV certificate to secure. Make sure to format the common name correctly (*.example.com).

  8. Other hostnames (SANs): We take any SANs included in your CSR and add them to the Other hostnames (SANs) field.

    Add, remove, and reorder SANs as needed so the certificate secures the domains you want.

    • Add SANs: In the Other hostnames (SANs) box, enter additional SANs that you want included in the reissued certificate. These must be wildcard domains (*.example.com) or based on your listed wildcard domains.

    • Remove SANsIn the Other hostnames (SANs) box, delete the SANs you want to exclude in the reissued certificate. Removing SANs automatically revokes the original certificate or previous reissues.

  9. Select a payment method.

    • Pay with contract terms: This is the default payment method for customers with contracts.

    • Pay with credit card

    • Pay with account balance: To deposit funds, select Deposit.

      Notice

      The Deposit link takes you to another page in your CertCentral account. Any information entered in the request form won't be saved.

  10. Signature hash: SHA-256 is the only signature hash available for DV certificates.

  11. Select a DCV method to prove control over your domain. Before DigiCert can reissue your DV certificate, you must demonstrate control over the domains in your certificate order. To learn more, see Domain Control Validation (DCV) methods.

    In the DCV verification method dropdown list, choose the method you want to use for demonstrating control over the domains on the certificate order. You must use the selected DCV method to prove control over every domain on the order.

    • DNS TXT The DNS TXT DCV method allows you to demonstrate control by creating a DNS TXT record with a randomly generated value.

    • Email The Email DCV method allows an email recipient to demonstrate control by following the instructions in a confirmation email sent for the domain.

    • File The File DCV method allows you to demonstrate control by hosting a fileauth.txt file with a randomly generated value at a predetermined location on your website.

    Note

    After submitting your reissue order, you can change the DCV method. In the sidebar menu, select Certificates > Orders. On the Orders page, in the Order # column of the DV certificate order, select the order number.

  12. Select the language for the DCV email: In the DCV email language dropdown list, select your preferred language. This choice only applies if you choose email as the DCV method.

  13. Reason for reissue:These comments are only visible to administrators and are not included in the certificate.

  14. Select Request reissue.