Renew a GeoTrust Cloud DV Certificate

Industry standards change: End of 2-year public SSL/TLS certificates

On August 27, 2020, 6:00 PM MDT (August 28 00:00 UTC), DigiCert stopped issuing public DV, OV, and EV SSL/TLS certificates with a maximum validity greater than 397 days. This change may affect your early certificate renewals.

You can still renew a certificate order as early as 90 days to 1 day before it expires. When you renew, DigiCert transfers as much remaining validity as possible to the renewed certificate without exceeding the new 397-day maximum certificate validity. Any validity that we cannot transfer directly to the certificate is transferred to your order. To learn more, see End of 2-year DV, OV, and EV public SSL/TLS certificates.

Before you begin

  • GeoTrust Cloud DV Certificates use Subject Alternative Names (SANs) to let you secure multiple domains (example.com) and wildcard domains (*.example.com) with one certificate
  • Adding SANs to a renewal order for a GeoTrust Cloud DV certificate order may incur additional cost.

A Certificate Signing Request (CSR) is required to complete the renewal order.

Renew your GeoTrust Cloud DV certificate

  1. Create a CSR

    To remain secure, certificates must use at least a 2048-bit key size. For information about creating a CSR, see Create a CSR (Certificate Signing Request).

  1. Locate the certificate order

    1. In your CertCentral account, in the left main menu, go to Certificates > Orders.
    2. On the Orders page, use the drop-down lists, search box, advance search features (Show Advanced Search link), and column headers to find the certificate that needs to be reviewed.
    3. In the certificate's Order # column, click the Quick View link.
    4. In the Order # details panel (on the right side of the page), click the Renew Certificate link.
  1. Add Your CSR

    On the Renew RapidSSL Wildcard DV Order page, use one of the options below to add your CSR.

    1. Click to upload a CSR
      Click the link to upload your CSR file to the Add Your CSR box.
    2. Paste CSR
      Use a text editor to open your CSR file. Then, copy the text, including the -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- tags and paste it in to the Add Your CSR box.
  1. Common Name / SANs

    We carry over the common name and any subject alternative names (SANs) from the original certificate and add it to the Common Name / SANs field.

    Add or remove SANs as needed so the renewed certificate will secure the domains that you want.

The SANs can be domains ([yourdomain.com]) and wildcard domains (*.[yourdomain].com).

Adding SANs to a GeoTrust Cloud DV certificate order may incur additional cost.

  1. How long do you need to protect your site?

    1. Click Select a coverage length.
    2. In the How long do you need to protect your site window, select your coverage.
      1. With a 1-year plan, you get a 1-year certificate by default.
      2. With 2, 3, 4, 5, or 6-year plans, your first certificate has a 397-day validity by default.
      3. For more information about these plans, see Multi-year Plans.
    3. Click Save.
    4. To modify your SSL/TLS certificate coverage, under Plan details, click the pencil.
  1. Certificate validity

    Select the validity period for the first SSL/TLS certificate in your order: 1 year, Custom expiration date, or Custom length.

    • For a certificate with a shorter validity than the order, you will need to reissue your certificate to use the remaining validity on the order.
    • Certificate validity determines the length of the first certificate issued for the plan. If needed, you can change the validity period each time you reissue your certificate.

Industry standards dictate that the maximum validity period for all public SSL/TLS certificates is 397 days (approximately 13 months).

  1. Advanced Certificate Options

    SHA-256 is the only hash algorithm available for DV certificates.

  1. Select a DCV Method to Prove Control Over Your Domain

    Before DigiCert can issue your DV certificate, you must demonstrate control over the domain on your certificate order. To learn more about the available DCV Methods, see Domain Control Validation (DCV) Methods.

    In the DCV verification method drop-down list, choose the DCV method you want to use to demonstrate control over the domain on the certificate order.

    • DNS TXT (recommended)
      The DNS TXT DCV method allows you to demonstrate control over the domain on your order by creating a DNS TXT record containing a randomly generated value.
    • Email
      The Email DCV method allows an email recipient to demonstrate control over the domain by following the instructions in a confirmation email sent for the domain.
    • File
      The File DCV method allows you to demonstrate control over your domain by hosting a fileauth.txt file containing a randomly generated value at a predetermined location on your website.

After submitting your certificate order, you can change the DCV method from the certificate's Order # details page, if needed. (In the sidebar menu, click Certificates > Orders. On the Orders page, in the Order # column of the DV certificate order, click the order number link.)

  1. Select the Language for the DCV Email

    In the DCV Email Language drop-down list, select the language you want DCV authentication email to be sent in.

    Note that this drop-down list only appears when you select Email as your DCV method.

  1. Add a Technical Contact

    Adding a technical contact is optional. However, we recommend adding another person who will receive order emails including the one with the certificate attached, as well as renewal notifications.

    1. In the Order Details section, under Contacts, in the Technical Contact box, click the Add Contact link.
    2. In the Add Contact window, provide the contact’s information (first and last name, job title, phone, and email) and then click Submit.
  1. Notes and Certificate Renewal Message

    Adding notes and a certificate renewal message is optional.

    1. Expand Notes / Renewal Message.
    2. Comments to Administrator
      Add a note to the order that only an Administrator can see (e.g., why the certificate is needed).
    3. Order Specific Renewal Message
      Create an order specific renewal message right now.

Comments and renewal messages are not included in the certificate.

  1. Select Payment Method

    Under Payment Information, select a payment method to pay for the certificate:

    1. Pay with Contract Terms
      Have a contract and want to use it to pay for the certificate?F
      Note: When you have a contract, it is the default payment method.
    2. Pay with Credit Card
      Don’t have a contract or don’t want to use the contract to pay for this certificate? Use a credit card to pay for the certificate.
    3. Pay with Account Balance
      Don’t have a contract or don’t want to use the contract to pay for this certificate? Bill the cost to your account balance.
      To deposit funds, click the Deposit link.

The Deposit link takes you to another page inside your CertCentral account. Any information entered in the request form won't be saved.

  1. Certificate Service Agreement

    Read through the agreement and check I agree to the Certificate Services Agreement.

  1. When you are finished entering your DV renewal order information, click Submit Certificate Request.

What's next

Before we can issue your certificate, the domain validation for the domains on the order (demonstrate control over the domain) must be completed. See Demonstrate control over domains on your SSL certificate order.