Request duplicate certificates from Automated IPs
Create a duplicate certificate for each server to increase security and simplify certificate installation across multiple servers. The details in the duplicate certificate match the original certificate. Duplicate certificates do not require DigiCert to revoke previous copies of the original certificate.
This topic applies to Enterprise and Partner accounts using managed automation through Automated IPs.
Before you begin
Confirm that an administrator enables the duplicate certificate feature for the account.
Remove the approval step from the certificate order process.
By default, the duplicate certificate option is not available in Automation. To enable the feature in Automation, skip the order approval step. Without skipping the approval step, the automation does not offer a duplicate certificate request option. Request a duplicate certificate using the manual workflow instead.
To remove the approval step:
In the CertCentral main menu, go to Settings > Preferences.
Find and expand Advanced Settings.
In the Certificate Requests > Approval Steps section, select Skip approval step: remove the approval step from your certificate order processes.
Select Save Settings.
Notice
Extra SANs on a duplicate certificate request are supported only for SSL Wildcard and Private SSL Wildcard product types.
The duplicate certificate validity matches the remaining validity of the original certificate.Automation does not support bulk duplicate certificate issuance.
The validity of the duplicate certificate will be the remaining validity of the original certificate.
Request a duplicate of a new certificate
In the CertCentral main menu, go to Automation > Automated IPs.
Find the certificate you want to duplicate.
In the Action column, select Request a certificate.
On the automation request page, select Issue a duplicate certificate using an existing order.
Enter Common names and/or SANs to find orders you can request a duplicate certificate for.
Select the order you want to duplicate from the list of latest orders that match the Common names and SANs corresponding to the product type and organization of the selected automation profile.
Provide the other required information and schedule the certificate automation.
Request a duplicate of an existing certificate due for renewal or switching to DigiCert
In the CertCentral main menu, go to Automation > Automated IPs.
Find the certificate you want to duplicate.
In the Action column, select Renew or Switch to DigiCert.
On the automation request page, select Issue a duplicate certificate using an existing order.
Select the order you want to duplicate from the list of latest orders that match the Common names and SANs corresponding to the product type and organization of the selected automation profile.
Provide the other required information and schedule the certificate automation.
Opmerking
To avoid multiple order renewals, DigiCert issues a duplicate certificate of the product type using the latest renewed order available, instead of renewing the original order and certificate.
An original certificate and its duplicate share the same order ID, for example order ID 12345. When the original certificate requires renewal, automation starts the renewal and issues a new certificate with a new order ID, for example order ID 67890.
When the duplicate certificate becomes due for renewal and automation finds a matching recent order, DigiCert issues a duplicate of the most recently renewed order, for example order ID 67890, instead of renewing the duplicate certificate directly. Without a matching renewed order, automation continues with the regular renewal workflow.
With auto-renew enabled, automation issues a duplicate certificate using the latest matching order when one exists. Without a matching order, automation continues with the regular automatic renewal workflow and issues a renewed certificate.