ADSS Web RA supports certificate renewal before a certificate expires. It is the process by which a user renews a certificate for the same public key used in an expiring certificateADSS Web RA supports certificate renewal before a certificate expires. It is the process by which a user renews a certificate for the same public key used in an expiring certificate. 


If it is enabled in the Configurations > Policy from the Admin portal, a user will be able to renew certificates from the web portal. You can see the renewal requests listing in the screenshot below: 


An operator can renew a certificate by following the steps mentioned below from the web portal:


  1. Expand SigningHub > Issued Certificates. 



  1. Click the button against the certificate that you want to revoke and click on More Actions. 



  1. The certificate action screen will be displayed. Select Renew Certificate from the drop down, click the confirmation button and then click Renew. 



The renewed certificate will appear in the listing. 


Second Factor Authentication 


If second factor authentication is enabled on certificate requests, the configured authentication mechanism will function accordingly. When a user clicks on the Generate button, the authentication window will appear, and once it accepts the selected method, it will generate a certificate. 


The authentication mechanism can be one of the following:


  • SMS OTP Authentication 
  • Email OTP Authentication 
  • Email & SMS Authentication
  • SAML Authentication 
  • Active Directory Authentication 
  • Azure Active Directory Authentication
  • OIDC Authentication