Industry standards change: End of 2-year public SSL/TLS certificates
On August 27, 2020, 6:00 PM MDT (August 28 00:00 UTC), DigiCert stopped issuing public DV, OV, and EV SSL/TLS certificates with a maximum validity greater than 397 days. This change may affect your early certificate renewals.
You can still renew a certificate order as early as 90 days to 1 day before it expires. When you renew, DigiCert transfers as much remaining validity as possible to the renewed certificate without exceeding the new 397-day maximum certificate validity. Any validity that we cannot transfer directly to the certificate is transferred to your order. To learn more, see End of 2-year DV, OV, and EV public SSL/TLS certificates.
A Certificate Signing Request (CSR) is required to complete the renewal order.
Create a CSR
To remain secure, certificates must use at least a 2048-bit key size. For information about creating a CSR, see Create a CSR (Certificate Signing Request).
Locate the certificate order
Add Your CSR
On the Renew RapidSSL Wildcard DV Order page, use one of the options below to add your CSR.
Common Name / SANs
We carry over the common name and any subject alternative names (SANs) from the original certificate and add them to the Common Name / SANs field.
Add or remove SANs as needed, so the renewed certificate will secure the domain you want.
Make sure the common name is formatted correctly (*.example.com). Also, the SANs must be a wildcard domain (*.example.com) or based off your listed wildcard domains (mail.example.com).
Adding SANs to a GeoTrust Wildcard DV certificate order may incur additional costs.
How long do you need to protect your site?
Select the validity period for the first SSL/TLS certificate in your order: 1 year, Custom expiration date, or Custom length.
Industry standards dictate the maximum validity period for all public SSL/TLS certificates is 397 days (approximately 13 months).
Advanced Certificate Options
SHA-256 is the only hash algorithm available for DV certificates.
Before DigiCert can issue your DV certificate, you must demonstrate control over the domain on your certificate order. To learn more about the available DCV Methods, see Domain Control Validation (DCV) Methods.
In the DCV verification method drop-down list, choose the DCV method you want to use to demonstrate control over the domain on the certificate order.
After submitting your certificate order, you can change the DCV method from the certificate's Order # details page, if needed.
In the sidebar menu, click Certificates > Orders. On the Orders page, in the Order # column of the DV certificate order, click the order number link.
Select the language for the DCV Email
In the DCV Email Language drop-down list, select the language you want DCV authentication email to be sent in.
Note: This drop-down list only appears when you select Email as your DCV method.
Add a Technical Contact
Adding a technical contact is optional. However, we recommend adding another person who will receive order emails, including the one with the certificate attached, as well as renewal notifications.
Notes and Certificate Renewal Message
Adding notes and a certificate renewal message is optional.
Comments and renewal messages are not included in the certificate.
Select Payment Method
Under Payment Information, select a payment method to pay for the certificate:
The Deposit link takes you to another page in your CertCentral account. Any information entered in the request form won't be saved.
Certificate Service Agreement
Read through the agreement and check I agree to the Certificate Services Agreement.
When you are finished entering your DV renewal order information, click Submit Certificate Request.
Before we can issue your certificate, the domain validation for the domains on the order (demonstrate control over the domain) must be complete. See Demonstrate control over domains on your SSL certificate order.