How do I get my Certificate reissued?

There are times when your Certificate hasn’t expired, but you need to have it reissued. For instance, these are the cases when the Private key is lost or doesn’t match the Certificate, when the website moves to another host, or when some of the Certificate details (common name, organization name or contact details) need to be changed. The reissue process is free and it is similar to the first activation.

Follow these steps to complete the reissue:

  1. Log in to your SSLs.com account.

  2. Go to the Purchased certs list.

3. Click on Details next to the Certificate that you want to reissue.

   4. On the Details page, click Reissue at the right side of the green options bar.


 Next steps depend on the Certificate type. Jump to the section that applies:

PositiveSSL & EssentialSSL Certificate reissue
InstantSSL, PremiumSSL & EV SSL Certificate reissue
Multi-Domain, Unified Communications & EV Multi-Domain Certificate reissue
Next steps

PositiveSSL, EssentialSSL, PositiveSSL Wildcard & EssentialSSL Wildcard Certificate Reissue

Step 1: Reissue for

  Verify that the domain name you want a reissued Certificate for is correct.

Note: you can change it by deleting the default domain tags and entering your chosen domain. Keep in mind that changing this common name for single-domain or wildcard certificates revokes the initial Certificate.

  Click Onwards.

Step 2: Make key

  You can download the new key automatically generated in your browser or submit a manually generated CSR.

Note: both options support IDNs with these TLDs. Paste the IDN instead of typing it, to ensure there are no mistakes.

a) Auto-activate Option

This in-browser generator is the default option. Click on the round key icon to save the Private key for the reissued Certificate.

Keep in mind that by default, the Private key will be saved to the “Downloads” folder on your computer. So, ensure to keep it safe and not to remove accidentally when clearing up your downloads.

b) Enter CSR Option

To switch to using the CSR pre-generated on your server, or to receive a command to generate one, tick the Enter CSR option.

Note: you can select the encryption method and server type to receive the corresponding command in the CSR Command field.

The Private key is generated along with CSR, and should be kept on the server. This code will be needed during your SSL installation.

In the Enter CSR field, paste the CSR code, including —–BEGIN CERTIFICATE REQUEST—– and —–END CERTIFICATE REQUEST—–.

Click Onwards.

Step 3: Review & Submit

Verify that the domain is correct.

Choose your preferred DCV method i.e. receive an email which is fastest, or upload a validation file.

Click Submit.

Now your reissued SSL Certificate is activated. Next you’ll complete the Certificate Authority validation process.

InstantSSL, EV SSL, InstantSSL Pro, PremiumSSL & PremiumSSL Wildcard Certificate Reissue

Step 1: Reissue for

Verify that the domain name you want a reissued Certificate for is correct.

Note: you can change it by deleting the default domain tags and entering your chosen domain. Keep in mind that changing this common name for single-domain or wildcard certificates revokes the initial Certificate.

Click Onwards.

Step 2: Make Key

You can download the new key automatically generated in your browser, or submit a manually generated CSR.

Note: both options support IDNs with these TLDs. Paste the IDN instead of typing it, to ensure there are no mistakes.

a) Autoactivate Option

This in-browser generator is the default, which happens after you specify the domain for your Certificate. Once that happens, click on the round key icon to save the Private key for the reissued Certificate

Keep in mind that by default, the Private key will be saved to the “Downloads” folder on your computer. So, ensure to keep it safe and not to remove accidentally when clearing up your downloads.

b) Manual CSR Option

To switch to using the CSR pre-generated on your server, or to receive a command to generate one, tick the Enter CSR option.

Note: you can select the encryption method and server type to receive the corresponding command in the CSR Command field.

The Private key is generated along with CSR, and should be kept on the server. This code will be needed during your SSL installation.

In the Enter CSR field, paste the CSR code, including —–BEGIN CERTIFICATE REQUEST—– and —–END CERTIFICATE REQUEST—–.

Click Onwards.

Step 3: Pick company

We will pre-fill the information from your previous Certificate. Make sure that the details are correct and appear as they’re listed in the government or business directories (Yellow Pages, Duns & Bradstreet etc).

Note: you can change your company details within 45 days from the Certificate reissue date.

Step 4: Review & Submit

Verify that the domain is correct.

Choose your preferred DCV method i.e. receive an email which is fastest, or upload a validation file.

Click Submit.

  Now your reissued SSL Certificate is activated. Next you’ll complete the Certificate Authority validation process.

Multi-Domain SSL, Unified Communications & EV Multi-Domain Certificate Reissue

First, you’ll need to get a new CSR code. You can request this from your hosting provider, or generate it yourself. View the CSR generation instructions to learn more.

Once you have a new CSR, you’re ready for Step 1 below.

Reissue is free of charge, unless you are adding additional domains (SANs).

If you’re reissuing EV Multi-Domain, Multi-Domain SSL or Unified Communications Certificates using the same contact information, you’ll speed up the validation process.

You can change your company details via reissue within 45 days from the Certificate initial issuance date.

Note: all our Certificates can be reissued for a different domain.

Now let’s get started:

Step 1: Enter CSR

Copy and paste the CSR code generated for the Certificate reissue.

Step 2: Domains

Select the server type that the Certificate will be installed on.

Check the domains (SANs) that will be secured by SSL, and click Onward. Alternatively you can re-generate the CSR by following the prompt messages.

You can easily add more domains using the + button.

Step 3: Domain Ownership

Choose your preferred DCV method i.e. receive an email which is fastest, or upload a validation file.

Note: the Upload A File method for domain verification is not available for EV SSL, Multi-Domain SSL, and Unified Communications Certificates. You can manage validation of your SSL using the Sectigo Order Status Checker. Alternatively,  contact our Support team.

 Confirm or change your administrative contact information:

  1. First/Last name
  2. SSL Admin contact
  3. Phone number
  4. Fax number
  5. Country
  6. State
  7. City
  8. Zip code
  9. Address
  10. Company name
  11. Job Title

EV SSL, Multi-Domain SSL and Unified Communications Certificates will have separate fields for the company details, and/or callback verification information.

Note: it’s not possible to change your administrative email address during the reissue process. The reissued Certificate will be sent to the same email that was chosen during your original Certificate activation.

Now your reissued SSL Certificate is activated. Next you’ll complete the Certificate Authority validation process.

Next steps

Use these guides to help you with Certificate Authority validation:

  1. Domain Control Validation (DCV) process.
  2. Company Validation process for OV and EV Certificates i.e. they require additional verification.

Note: use the Sectigo Order Status Checker to speed up the validation process and to track your progress.

After the Certificate Authority has completed your validation, they will send your reissued SSL to your specified administrative email address. If you don’t receive it for some reason, you can always download the Certificate from your account.

Note: don’t forget to install the reissued Certificate on your server to replace the old one.