Basic and Business SSL/TLS Certificate Enrollment

Industry standards are changing: End of 2-year public SSL/TLS certificates

On August 27, 2020, 5:59 PM MDT (23:59 UTC), DigiCert stopped issuing public DV, OV, and EV SSL/TLS certificates with a maximum validity greater than 397 days. We did this because of the industry’s move away from 2-year public SSL/TLS certificates. For more information about this change, see End of 2-year DV, OV, and EV public SSL/TLS certificates.

You can now only purchase 1-year public SSL/TLS certificates. However, to maximize your SSL/TLS coverage, purchase your new certificates with a DigiCert® Multi-year Plan. For more information about these plans, see Multi-year Plans.

Your CertCentral account includes Basic SSL and Business SSL certificates. Managing your SSL/TLS certificates throughout their lifecycle may include some or all of these tasks:

Order SSL/TLS certificates

  • Basic SSL Certificates:
    Standard SSL, EV SSL, Multi-Domain SSL, EV Multi-Domain, and Wildcard SSL
  • Business SSL Certificates:
    • Secure Site Pro SSL and Secure Site Pro EV
    • Secure Site SSL, Secure Site EV SSL, Secure Site Multi-Domain SSL, Secure Site EV Multi-Domain SSL, and Secure Site Wildcard SSL

Cancel orders

When needed, you can cancel a pending SSL/TLS certificate order, before we issue the certificate.

Check order status

Check the status of your SSL/TLS certificate orders.

Complete domain control validation (DCV)

Before DigiCert can issue your SSL/TLS certificate, you must prove control over the domains on the order. Supported DCV methods for DV certificate orders are:

  • Email
  • HTTP Practical Demonstration

Organization Validation

When ordering Organization Validation (OV) and Extended Validation (EV) SSL/TLS certificates, DigiCert must validate the organization included on the certificate order.

The difference between the EV and the OV SSL/TLS certificates' issuance process is the degree of organization verification (validation) DigiCert does for the certificate type. For EV certificates, the organization validation is more thorough and includes some additional checks. See SSL Certificate Validation Process from DigiCert.

For OV and EV certificates, organizations must be revalidated every 397 days (13 months).

Access issued certificates

To access an issued SSL/TLS certificate, download it from your CertCentral account. You can also email the certificate from your account.

Reissue certificates

Reissue an SSL/TLS certificate to replace the existing certificate with a new one that has different information (for example, add another SAN to a multi-domain SSL certificate).

Cancel reissues orders

When needed, you can cancel a pending reissue request on an SSL/TLS certificate, before we issue the certificate.

Renew certificates

Renew an expiring or expired SSL/TLS certificate order.

Basic CertCentral accounts don't support organization or domain pre-validation. If the validation has expired when you go to renew a certificate, you must demonstrate control over the domains on the renewal order and DigiCert must revalidate the organization.

Revoke certificates

When necessary, you can revoke an issued SSL/TLS certificate.

For example, you are retiring a server and no longer need its SSL/TLS certificate. Certificate revocation is a three-step process:

  1. Submit a certificate revocation request.
  2. An administrator must approve the revocation request.
  3. DigiCert revokes the certificate.