Renewing your Sectigo SSL certificate

On November 1, 2018, Comodo announced that the company is rebranding to Sectigo. For more information about this, please see the following announcement at Sectigo's website:

Any Comodo certificate issued after January 2019 will reference Sectigo as the certificate authority, while any certificates issued prior to that will still reference Comodo. These are still the same company, and the only difference is the name.

The following describes how to renew professionally-signed SSL certificates purchased through Sectigo.

When should I renew my certificate?

Make sure you renew the certificate BEFORE the expiration date. This ensures you do not lose any protection.

Please note that even if you renew before the expiration date, you do not lose any time on your current certificate that you've already paid for.

How to renew a certificate in the panel

SSL certificates do not auto-renew by default. You must manually renew them within your panel.

Certificate Authorities typically send expiration/renewal reminders to the admin address anywhere from 30 to 90 days before the certificate’s expiration date. This is to let you know that you MUST take action to renew the SSL certificate. DreamHost sends SSL certificate renewal notices to the primary contact address of the account 35 days before the expiration date of the certificate. You can then manually initiate the renewal process in your panel.

There are two options to renew your Sectigo signed SSL certificate, which are described in the following sections.

Option 1 — Purchasing a renewal

Renewing your certificate in your panel is basically the same procedure as purchasing a new professionally-signed SSL certificate.

Renewing the certificate before its expiration date does not remove any time on your current certificate that you've already paid for. The new certificate will being to function once the current one expires.

Option 2 — Renewing your certificate in the panel (before it's expired)

To renew a Sectigo certificate (before it's expired) by clicking the Renew button in the panel.

This only appears within one month of the expiration date.

  1. Navigate to the SSL/TLS Certificates page.
    renew comodo cert
  2. Click the Settings button to the right of your domain.
    renew comodo cert
  3. Click the Renew Certificate Now button.
  4. Enter your personal and website information.
    • You must fill in ALL of the fields (including the 'Organization name') in order to successfully proceed to the next step. If you don't have an organization name, then enter your first and last name. 'Street 2' and 'Street 3' are optional fields—you can leave those blank if your address does not include any of this info (such as an apt. #).
    • This information is used to generate the Certificate Signing Request (CSR) that is used to generate your new professionally-signed SSL certificate.
    Click Proceed to Next Step when finished.
  5. On the next page, select one of your domain's emails from the dropdown.

    Confirmation address

    This must be an email on your domain. Make sure one of the emails listed in that dropdown has been created on your domain and you are able to receive mail with it. If it does not exist, create this email first before continuing.

    Please note that the process to verify your domain using email is a last resort. This means you may never receive a confirmation email and the SSL will process correctly. However, it's possible you will receive an email if other DCV steps fail to verify. So it's still important to configure this email address. View the following article for further details:

  6. On the last page choose how you'd like to pay. Your options are either credit card or electronic check.
  7. When finished enter your information, click the Submit Payment Now button.

Option 3 — Renewing your certificate in the panel (after it's expired)

  1. Navigate to the SSL/TLS Certificates page.
    renew comodo cert
  2. Click the Settings button to the right of your domain.
    expired comodo cert
  3. Under your expired domain, click the Renew Certificate Now button.
  4. You can then proceed through the steps (in Option 2) above to enter your personal and credit card information and place the new order.

What if my Sectigo SSL certificate does not complete the renewal process?

There may be situations when your renewal does not complete, even though you renewed your Sectigo certificate in the panel. Typically this shows as 'Unknown' for the Expires value, which is usually due to a failure to respond to the request email sent to the Domain Control Validation (DCV) address you selected for this order.

You must respond to the email that is sent in order to successfully complete the renewal of the certificate.

If you did not receive the DCV email to confirm your SSL certificate order, then follow these steps to reissue a new email request:

  1. Navigate to the SSL/TLS Certificates page.
  2. Click the Settings button to the right of the domain.
  3. When the Settings page opens, click the Resend DCV button.
  4. Be sure to use a valid email address to send the order confirmation to.
    The DCV email is sent to the address you specified. Check your email, and then respond to the request. After the DCV email is confirmed, it can take up to an hour for the SSL certificate to become active.

Renewing your certificate with another Certificate Authority

If you wish to renew the certificate with another Certificate Authority (CA), you can simply copy the Certificate Signing Request (CSR) that's currently in your panel and use it to initiate the renewal process with them. You can access your CSR by following the instructions described in the following article:

If you cannot find an available Certificate Signing Request in the panel for the domain/subdomain, please see the Generating or Regenerating a CSR article instructions on how to replace it.

See also

Did this article answer your questions?

Article last updated PST.