SSL.com

Renewing EV, OV, and IV Certificates

Every digital certificate issued by SSL.com has an expiration date and must be renewed before it becomes invalid. There is no way to modify an existing certificate that has been signed by a CA and installed on a website, workstation, or USB token, so “renewal” of an expired certificate really means the validation, generation, and installation of a brand new certificate.

When renewing extended validated (EV), organization validated (OV), and individual validated (IV) certificates, customers often must repeat validation steps such as callbacks and document submissions. This re-validation is necessary because these certificates are used for identity verification. We tend to think of “identity” as static and unchanging on a day-to-day basis, but information about both individuals and organizations changes over time: phone numbers, addresses, and even names may change; staff members come and go; businesses may split and merge. Therefore, all publicly trusted CAs (including SSL.com) must periodically re-validate this information before issuing a new certificate.

OV SSL/TLS orders with a recently completed or stored validation will now be automatically issued once the organization validation is complete. An OV certificate will be issued immediately if the order is using a previously validated domain and organization identity.

In the case of certificates using a stored validation, no domain validated placeholder certificate will be issued as with new OV SSL certificate orders that do not have a stored organization identity. Only the OV certificate will be issued when a stored organization identity is used.

How do I know when I need to renew?

For the convenience of our customers, SSL.com provides a renew link associated with each expiring or expired certificate order to ease this process. These links are a convenience to help you re-purchase the same certificate type without going through the shopping process again.

expiring certificate order
Expiring Certificate Order
Expired Certificate Order
Note on multi-year orders: If you purchased a multi-year certificate order from SSL.com, your certificate itself may expire before your order does. For example, SSL/TLS certificates may be ordered for multiple years but the certificates have a maximum lifespan of one year. In this case the renew link will not be shown on expiry, even though the certificate will be shown as expired. In this case, you would click the change domain(s) / rekey link to begin the process of replacing the expired certificate.

In some cases SSL.com can reuse previously submitted validation information when replacing an expired certificate. For example one year into a three-year EV SSL you would not be required to re-validate, but you would after two years. SSL.com will inform you if re-validation is required when replacing a certificate in a multi-year order.

Certificate Renewal Requirements

Extended Validation (EV)

When renewing an EV Code Signing, EV SSL, or EV UCC/SAN certificate:

 

Organization Validation (OV)

Certificate types that may include organization validation (OV) information include:

If you are renewing one of these certificate types and your certificate includes validated information about your business or organization:

Individual Validation (IV)

Certificate types that may include individual validation (IV) information include:

If you are renewing one of these certificate types and your certificate includes validated information about your personal identity:

 

Thank you for choosing SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.
Exit mobile version