What you need to know about domain and certificate migration
February 12, 2020: Initial roll out of domain and certificate migrationAs of February 12, 2020, validated organization validation (OV) and extended validation (EV) domains along with organizations are automatically migrated when you activate your DigiCert® CertCentral account. Domain migration may take up to a few seconds or minutes depending on how many domains you have and the overall impact on DigiCert resources at the time.
Domains pending validation
Domains with pending validation are not migrated. However, once pending domain validation has been completed, validated domains are brought over whenever you import active public SSL/TLS certificates.
Domain validation (DV) domains do not migrate. DV certificates require you to complete domain control validation for every DV certificate event, like new issuance, replacement, and renewal. To migrate a DV domain, simply request, replace, or renew a DV certificate for the domain from your CertCentral account.
Certificates are not automatically migrated to your newly activated CertCentral account. You must import certificates yourself. At this time, only active public SSL/TLS certificates can be imported.
De-activated SSL/TLS certificates cannot be migrated from your legacy account. At this time, only active public SSL/TLS certificates can be imported.
Pending SSL/TLS certificates
Pending public SSL/TLS certificates cannot be imported. However, importing certificates is not a one-time process. After public DV, OV, and EV SSL/TLS are issued, import them any time from the Orders page in your CertCentral account.
Newly validated domains from your legacy account are brought over whenever you import active public SSL/TLS certificates.
To import your active public SSL/TLS certificates, go to the Orders page in your account and click Import legacy certificates (in your account, in the left main menu, go to Certificates > Orders).
Currently, only the person who activates the CertCentral account can access the Import legacy certificates option on the Orders page. Other users in your account can access the Orders page and interact with the imported certificates, but they never see the Import legacy certificates button.
Currently, certificates can be imported once every 24 hours. With each additional import, only new certificates are brought over to CertCentral.
When you import your active, public SSL/TLS certificates to CertCentral, we copy the email addresses from the order in your old account and add them to the additional emails section of your migrated orders.
- Retail
The organization and technical contacts email addresses are copied over to the migrated orders. - Enterprise
The technical contact email address is copied over to the migrated orders.
CertCentral: Certificate orders' additional emails feature
In CertCentral, certificate orders include an additional emails feature. This feature allows you to assign additional email addresses to receive notification emails for the certificate order: renewal notices, reissues, duplicates, etc. To view details about an order, in the left main menu, go to Certificates > Order. Then on the Orders page, click the certificate's order number.
When orders are migrated to CertCentral, renewal emails for these orders are disabled by default. This is because renewal notices for the migrated orders are still sent from your old account. See Renewal emails.
After the order is renewed from your CertCentral account, renewal notices are automatically enabled for the order. Renewal notices for the order are then sent from CertCentral.
Private SSL/TLS, code signing, S/Mime and other types of certificates cannot be imported at this time. Private SSL/TLS and non-SSL/TLS certificate will be part of a separate migration effort.
Your public SSL/TLS certificate renewal emails will continue to come from your old account. The renewal content will change to meet your current situation.
- Non-migrated accounts
Public SSL/TLS certificate renewal email content will remain unchanged and continue to point to your legacy account for renewals. - Migrated accounts
After you activate your CertCentral account and import your active public SSL/TLS certificates, the public SSL/TLS certificate renewal email content will change and point to your CertCentral account for renewals.
Even after an account is migrated, private SSL/TLS and non-SSL/TLS certificate renewal emails will remain unchanged and link to your legacy account for renewals.
When public SSL/TLS certificates are imported to your CertCentral account, they will appear on the Orders page with their new DigiCert CertCentral product names.
| Legacy certificate product name | CertCentral product name |
|---|---|
|
Secure Site Pro with EV Premium Extended Validation SSL |
Secure Site Pro EV SSL |
|
Secure Site Pro Secure Site Pro Wildcard Premium SSL |
Secure Site Pro SSL |
|
Secure Site with EV Standard EV SSL |
Secure Site EV |
|
Secure Site Secure Site Wildcard OFX SSL Standard SSL Wildcard SSL |
Secure Site OV |
| True BusinessID with EV | GeoTrust TrueBusiness ID EV |
|
RapidSSL Enterprise Premium Intranet SSL Standard Intranet SSL True BusinessID True BusinessID Wildcard |
GeoTrust TrueBusiness ID OV |
|
GeoTrust Trial QuickSSL QuickSSL Premium QuickSSL Premium Wildcard |
GeoTrust DV SSL |
| SSL Web Server with EV | Thawte SSL Webserver EV |
|
SSL Web Server SSL Web Server Wildcard |
Thawte SSL Webserver OV |
|
SSL123 SSL 123 Wildcard |
Thawte SSL123 DV |
| FreeSSL | RapidSSL Standard DV |
| RapidSSL |
Retail: GeoTrust Standard DV Partner: RapidSSL Standard DV |
| RapidSSL Wildcard |
Retail: GeoTrust Wildcard DV Partner: RapidSSL Wildcard DV |