Every digital certificate issued by SSL.com has an expiration date and must be renewed before it becomes invalid. There is no way to modify an existing certificate that has been signed by a CA and installed on a website, workstation, or USB token, so “renewal” of an expired certificate really means the validation, generation, and installation of a brand new certificate.

When renewing extended validated (EV), organization validated (OV), and individual validated (IV) certificates, customers often must repeat validation steps such as callbacks and document submissions. This re-validation is necessary because these certificates are used for identity verification. We tend to think of “identity” as static and unchanging on a day-to-day basis, but information about both individuals and organizations changes over time: phone numbers, addresses, and even names may change; staff members come and go; businesses may split and merge. Therefore, all publicly trusted CAs (including SSL.com) must periodically re-validate this information before issuing a new certificate.

How do I know when I need to renew?

For the convenience of our customers, SSL.com provides a renew link associated with each expiring or expired certificate order to ease this process. These links are a convenience to help you re-purchase the same certificate type without going through the shopping process again.

expiring certificate order
Expiring Certificate Order
expired certificate
Expired Certificate Order
Note on multi-year orders: If you purchased a multi-year certificate order from SSL.com, your certificate itself may expire before your order does. For example, SSL/TLS certificates may be ordered for multiple years but the certificates have a maximum lifespan of one year. In this case the renew link will not be shown on expiry, even though the certificate will be shown as expired. In this case, you would click the change domain(s) / rekey link to begin the process of replacing the expired certificate.

In some cases SSL.com can reuse previously submitted validation information when replacing an expired certificate. For example one year into a three-year EV SSL you would not be required to re-validate, but you would after two years. SSL.com will inform you if re-validation is required when replacing a certificate in a multi-year order.

Certificate Renewal Requirements

Extended Validation (EV)

When renewing an EV Code Signing, EV SSL, or EV UCC/SAN certificate:

  • A new EV Authorization Form must be submitted. SSL.com will call the authorization form signer to confirm their signature and the new certificate request.
  • Before renewing, double-check your organization’s information in Duns & Bradstreet or any other information source that SSL.com will use to validate your renewal request to make sure that it is complete and up-to-date.

Organization Validation (OV)

Certificate types that may include organization validation (OV) information include:

If you are renewing one of these certificate types and your certificate includes validated information about your business or organization:

  • A new callback will be required to renew an OV certificate. Please refer to our how-to on Callbacks for OV Certificates for instructions.
  • Before renewing, double-check your organization’s information in Duns & Bradstreet or any other information source that SSL.com will use to validate your renewal request to make sure that it is complete and up-to-date.
  • Business Identity document signing certificates require a video chat with SSL.com validation staff for renewal.

Individual Validation (IV)

Certificate types that may include individual validation (IV) information include:

If you are renewing one of these certificate types and your certificate includes validated information about your personal identity:

  • Please submit the following identifying information:
    • A scan of the front of a valid, government-issued photo ID card or passport ID page. The ID number may be obscured, but we must be able to see your name, address, year of birth, and photograph.
    • A scan of the back of the government-issued ID card or passport ID page.
    • A photograph of of yourself holding the government-issued ID next to your face so that your face may be compared with the image on the ID. The photograph should be at least 5 megapixels (MP) – most current smartphones can provide an image of 5MP or greater.
  • Business Identity document signing certificates require a video chat with SSL.com validation staff for renewal.
  • Note that Personal Basic email and client certificates do not require validation for renewal because the activation link sent to the subject email address proves access to the email address.

 

Thank you for choosing SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.

Subscribe To SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.