IdenTrust - Support - Renewing a Certificate FAQs

Home | My Account | Contact Us

Home
Company
- At a Glance
- Company Profile
- Management Team
- Sales Team
- News
- Events
- Careers
Solutions
- Overview
- Banks
- Corporates
- Government
- Healthcare
- Products
  - PLOT
  - HUB
  - Identity Network
  - Trust Prime
  - Trust Sign
  - Trust Link
  - Trust Infrastructure
  - Trust Gate
  - MITM
- Digital Signing and Sealing
Certificates
- ACES
- ECA
- IGC
- SSL
- TrustID
- Certificate Chart
- Secure Email
Partner
- Overview
- Solution
- Compliant
- Integration
- Reseller
- Partner List
Library
Education
Support
- ACES
- ECA
- IGC
- SSL
- TrustID
- CMC
- General
IdenTrustSSL.com

SUPPORT

RENEWING A CERTIFICATE FAQ's

Support > Most Popular: Renewal

Your certificate must be renewed periodically (every year for ECA and TrustID certificates, and every two years for ACES certificates). Notification will be sent to your email address 90 days before your certificate expires.

Select from these frequently asked questions about renewing your certificate:

Expiration dates & renewal:

When does my certificate expire?
Which certificates can be renewed after the expiration date?
Which certificates must be renewed before the expiration date?

Renewal process:

How do I renew my certificate?
How do I renew my server certificate?
How long will it take to renew my certificate?
I can’t login to the Certificate Management System.
I’m trying to renew and I get a message that says I need to login to the Certificate Management System with my certificate. What does this mean?

Personal information on your certificate:

Can I update the personal information on my certificate?
I just renewed my certificate and I got an email asking me to send notarized forms. Do I need to send them in again?

Passphrase and passwords:

Can I change my IdenTrust passphrase during renewal?

If you have forgotten your passphrase or password or have other questions about them, please see the passphrase and password FAQ section.

1. When does my certificate expire?
TrustID certificates expire one year from the date of issuance (retrieval); ACES certificates expire two years from the date of issuance. ECA certificates expire one, two or three years from the date of issuance. You can check your expiration date(s) by going to the Certificate Management Center and looking under the Manage Your Certificates heading. Your certificate(s) will be listed there, along with their status and expiration (“valid through”) date(s). You will also receive email notifications 90, 60, 30, 15, 7 and 1 day(s) before your certificate expires.

2. Which certificates can be renewed after the expiration date?
Trust ID certificates may be renewed up to 30 days after their expiration dates.

3. Which certificates must be renewed before the expiration date?
ACES (federal government) and ECA (DOD) certificates cannot be renewed after they expire. If your certificate has expired, you will need to apply for a new certificate.

4. How do I renew my certificate?
If you have an SSL/TLS certificate, please see question 5 (How do I renew my server certificate?), below.

For all other certificates, if your certificate has not expired and it is within 90 days of expiration, simply login to your account in the Certificate Management Center with your current digital certificate.

In the box at the top of the page, click on the Renew button where it says “Please renew now,” then follow the on-screen directions. You may also look under Manage My Certificates and select I would like to renew my certificate from the pull-down menu.

If your certificate has expired, you must login to the Certificate Management Center using your account number and IdenTrust passphrase. To do this, click Cancel when you are asked to authenticate with your certificate. When prompted, enter the account number that was sent to you in a letter when your account was originally approved, and your IdenTrust passphrase, the password you chose online when you applied for the certificate.

Under the heading “Valid Certificates,” there should be only one option; choose All my certificates are expired, and I want to request a renewal, then click Continue and follow the on-screen directions.

5. How do I renew my server certificate?
A server certificate is renewed like any other certificate, with the following changes:

Before starting the renewal process, you will need to create a Certificate Signing Request (CSR).
You will login to the Certificate Management Center (CMC) using your account number and passphrase instead of with a certificate.

Once you have created a CSR and are logged on to the CMC, select I would like to renew my certificate from the pull-down menu. Verify your information, and make any necessary changes.

You will then be asked to provide a CSR; copy and paste it into the field provided:

Follow the remaining on-screen directions to complete the renewal process.

6. How long does it take to renew my certificate?

The renewal process usually takes 3-5 business days. Once we receive your renewal request, our Registration team reviews and approves the account. Once approved, a letter with instructions on how to retrieve the renewed certificate will be sent to you by US mail.

Back to top

7. I can’t login to the Certificate Management Center.
If you are having trouble logging in to the CMC, please make sure your browser is not blocking pop-ups for this site.

If can’t login because you have forgotten your passphrase, you will need to reset your passphrase. You should then be able to access the Certificate Management Center and complete your certificate renewal.

8. I’m trying to renew and I get a message that says I need to login to the Certificate Management Center with my certificate. What does this mean?
In order to renew your certificate before it expires, you must be on the computer that currently holds your certificate. When you login to the Certificate Management Center, a box will appear with your name in it. You must highlight your name and click OK. If your name is not in the box, it means that your certificate is not on the computer you are using.

If your certificate is on another computer, please renew it from that computer.

If your certificate is no longer on any computer, you will need to replace your certificate first and then renew it.

9. Can I update any personal information that has changed?
If any of the person information that goes into your certificate has changed (or will change soon), you should update that information while renewing. In most cases, the personal information in your certificate is your name and email address.

The only time you can change this information embedded in a certificate is during renewal. If this information changes at any other time, you must apply for a new certificate that reflects the changes.

10. I just renewed my certificate and I received an email saying that I need to send in notarized forms. Do I need to send them in again?
For ACES and Trust ID certificates, if your name, your company name, the company headquarters address, or your email address has changed, you will need to resubmit the notarized forms. Otherwise, the original forms you submitted are good for 6 years.

11. Can I change my IdenTrust passphrase during renewal?
You will be asked whether you want to change your IdenTrust passphrase during the renewal process. Remember that this is not the same as the password you use when using your certificate (although you may have chosen the same code for both passphrase and password).

Unless you are confident that you will remember a new passphrase, you should not change it.

Changing this passphrase will not change the password for using your certificate.

For more information on passphrases and passwords see the FAQ about passphrases and passwords.

Back to top