A certificate re-issue is a process in which the a user generates a new private key and CSR for an existing certificate. A user may need to proceed with certificate issuance if he loses or deletes his private key. 

If they want to change any of the certificate information, or if they want to change the certificate's encryption level. Once re-issuance process is complete, a new digital certificate is produced. 


This section lists all the reissue certificate requests pertaining to Desktop Signing. 


  1. Reissue a Certificate
  2. Reissue a Certificate with CAA Records

A user will be required to agree to a Subscriber Agreement while certificate reissuance. 


Reissue a Certificate


To reissue a certificate from the web portal:


  1. Navigate to the "Desktop Signing" and click "Issued Certificates". 
  2. Click the button against the revoked certificate that you want to reissue and click on "More Actions".



  1. Certificate action screen will be displayed. Select "Reissue Certificate" from the drop down, click the confirmation and then click "View Request". 



  1. The request will appear on the screen. You can edit the common name, then click "Next" and move to the second stepper. 



The Certificate Validity screen will appear. Click "Reissue". 



You will be navigated to the Certificate Reissue screen. You can add an optional message, and then click "Reissue".






This certificate request will appear in the Reissue Requests listing under the Desktop Signing section. 


Reissue a Certificate with CAA Records


  1. Navigate to the "Desktop Signing" and click "Issued Certificates". 
  2. Click the button against the revoked certificate that you want to reissue and click on "More Actions".



  1. Certificate action screen will be displayed. Select "Reissue Certificate" from the drop down, click the confirmation and then click "View Request". 



  1. The request will appear on the screen. You can edit the common name, then click "Next" and move to the second stepper. 


  1. The SAN screen will appear. Click next to proceed.



  1. The Certificate Validity screen will appear. Click "Reissue". 



  1. The Domain Ownership Verification screen will appear. The Domain Verification Status will appear Unverified. Click Verify to proceed. 



  1. Once the status is Verified, click Reissue. 



  1. You can add an optional message and click Reissue.  



  1. This certificate will appear in the Reissue Requests listing under the Desktop Signing section. 



Second Factor Authentication 


If second factor authentication is enabled on reissue requests, the configured authentication mechanism will function accordingly. When a user clicks on the Reissue button, the authentication window will appear, and once it accepts the selected method, it will generate a certificate. 


The authentication mechanism can be one of the following:


  • SMS OTP Authentication 
  • Email OTP Authentication 
  • Email & SMS Authentication
  • SAML Authentication 
  • Active Directory Authentication 
  • Azure Active Directory Authentication
  • OIDC Authentication