A certificate re-issue is a process in which the a user generates a new private key and CSR for an existing certificate. A user may need to proceed with certificate issuance if he loses or deletes his private key. 

If they want to change any of the certificate information, or if they want to change the certificate's encryption level. Once re-issuance process is complete, a new digital certificate is produced. 


This section lists all the reissue certificate requests. 


  1. Reissue a certificate
  2. Reissue a TLS certificate (CAA Records)

A user will be required to agree to a Subscriber Agreement while certificate reissuance. 


Reissue a certificate


To reissue a certificate from the web portal:


  1. Navigate to the "Certificate Center" and click "Issued Certificates". 
  2. Click the button against the revoked certificate that you want to reissue and click on "More Actions". 



  1. Certificate action screen will be displayed. Select "Reissue Certificate" from the drop down, click the confirmation and then click "View Request". 



  1. You will be navigated to the Certificate Reissue screen. You can add an optional message, and then click "Reissue".



This certificate request will appear in the Reissue Requests listing. 


Reissue TLS certificates (CAA Records)


  1. Navigate to the "Certificate Center" and click "Issued Certificates". 
  2. Click the button against the revoked certificate that you want to reissue and click on "More Actions". 



  1. Certificate action screen will be displayed. Select "Reissue Certificate" from the drop down, click the confirmation and then click "View Request". 



  1. You will be navigated to the SDN screen. Click next.



  1. The SAN screen will appear. Click next to proceed.



  1. Then the Certificate Validity screen will appear. Click next again to proceed. 



  1. The Domain Ownership Verification screen will appear. The Domain Verification Status will appear Unverified. Click Verify to proceed. 



  1. Once the status is Verified, click Reissue. 



  1. You can add an optional message and click Reissue.  



  1. The Certificate Generated confirmation message will appear, as displayed below:



Second Factor Authentication 


If second factor authentication is enabled on reissue requests, the configured authentication mechanism will function accordingly. When a user clicks on the Reissue button, the authentication window will appear. Once it accepts the selected method, and you enter the verification details, it will rekey a certificate. 


The authentication mechanism can be one of the following:


  • SMS OTP Authentication 
  • Email OTP Authentication 
  • Email & SMS Authentication
  • SAML Authentication 
  • Active Directory Authentication 
  • Azure Active Directory Authentication
  • OIDC Authentication