Where are my certificates?

Manage your existing Symantec/GeoTrust/Thawte/RapidSSL certificates

Where are my valid Symantec/GeoTrust/Thawte/RapidSSL certificates?

Until later in 2019, you'll continue to manage your existing certificates in your current Symantec-based (Symantec, GeoTrust, Thawte, or RapidSSL) account. For example, if you need to revoke or replace a certificate ordered before you upgraded to CertCentral, return to your Symantec-based account to manage it.

However, when you're ready to renew a Symantec-based certificate, go to your new CertCentral account instead and get a new certificate for your website. Let the certificate in your Symantec-based account expire.

Later in 2019, we'll move your remaining valid certificates to your CertCentral account.

Where do I track my open orders?

After submitting an order, an order may be in a pending state for one of two reasons:

  • You, or other users on your account place orders that need to be approved by an administrator before they are processed.
  • You, or other users on your account place an order that needs to complete domain or organization validation before it can be issued.

By default, your CertCentral account will require approvals for orders not placed by Administrators. All requests placed by other users will go through both of the above steps. When an order is pending approval, it is known as a pending request. When an order is pending validation, it is known as a pending order. These are shown on different pages in your account.

Pending requests

Pending requests are orders that have not yet been submitted to DigiCert, and must first be approved.

You can see all pending requests in your account on the Requests page (from the sidebar, click Certificates -> Requests). The current number of pending requests are also shown as one of the widgets on your CertCentral Dashboard.

To approve or reject a pending request, click on the order number from the Order # column. There you will be able to see the user who made the request, the date, if a comment about the request was provided, the price, as well as certificate information and the CSR. Requests can be approved/rejected by any Administrator, manager, EV Verified User, CS Verified User, or EV CS Verified User (see Approve a certificate request for more).

The Type column shows if the request is for a pending order (which will display the specific product name being requested) or a revocation request (which will display “REVOKE”).

Once approved, requests will move from the Requests page to the Orders page. Rejected requests will stay on the Requests page and are viewable when you use the ‘Rejected’ filter.

You can change the approval process for your account on the Certificate Requests section of the Settings page (see Manage certificate requests approval for more).

Pending orders

Pending orders are awaiting validation before they are issued. This could be because DigiCert is still processing your order, or we are awaiting more information from you or for you to complete certain validation requirements.

Your pending orders can be seen on the Orders page (from the sidebar, click Certificates). This page shows all orders placed in your account, starting with all pending requests. This table is fully sortable, filterable, and searchable.

To see why an order is pending, click the order number or “Quick View” link. On the Order Detail page (or Quick View pane) you will see section titled Order Status that shows what steps need to be completed. Any actions you need to take are shown under the “You Need To…” section. Incomplete actions are indicated by the yellow clock icon. Complete actions are indicated by green checkmarks. If you have completed all those steps, DigiCert should issue your certificate momentarily. OV or EV orders may take longer to issue as DigiCert verifies certain information.

Orders that have been reissued and require revalidation will also be shown here as “Reissue Pending”. These orders may require additional domain control validation if new domains were added to the certificate, or if certain organization information has expired since the last reissue.

Where do I check for expiring certificates?

In your CertCentral account, in the sidebar menu, click Certificates > Expiring Certificates.

This page shows upcoming and recent expirations of your DigiCert-issued certificates. Expirations are split up in four tables, listing them in chronological order from certificates expired in the last 7 days, to certificates expiring 90 days from today. This page shows all types of certificates including SSL, code signing, email, and private certificates.

On the CertCentral Dashboard, a summary graph shows your expiring certificates. Get full expiring certificates details by clicking the link in the bottom right corner of the graph.

Expiration notices

In addition to your dashboard, CertCentral can notify you of upcoming expirations via email.

By default, the following users receive expiration emails:

  • The email address used to create the account (original administrator only, no other accounts)
  • The user who requested the certificate

You can send expiration notifications to additional email addresses by configuring your Account Notifications.