Use this endpoint to reissue a certificate. A certificate reissue replaces the existing certificate with a new one that has different information, such as a different common name, CSR, or signature hash.
End of 2-year public SSL/TLS certificates
The Services API no longer issues public SSL/TLS certificates with a validity period greater than 397 days.
When you reissue a public SSL/TLS certificate that has a validity greater than 397 days, the validity period of the reissued certificate is shortened to 397 days or to the time that remains on the order, whichever is sooner. To use the remaining validity included with the original certificate order, reissue the certificate again during the order's final 397-day period.
To learn more about this change, see End of 2-year DV, OV, EV Public SSL/TLS Certificates.
When you reissue a certificate for a Multi-year Plan, you can set a new expiration date for the reissued certificate. For more information, see Multi-year Plans.
For more information, see our knowledge base article. If you have any questions, contact our support team.
curl -X POST \
'https://www.digicert.com/services/v2/order/certificate/{{order_id}}/reissue' \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}' \
-d '{
"certificate": {
"common_name": "example.com",
"dns_names": [
"sub.example.com"
],
"csr": "<csr>",
"server_platform": {
"id": 2
},
"signature_hash": "sha256"
}
}'import requests
url = "https://www.digicert.com/services/v2/order/certificate/{{order_id}}/reissue"
payload = "{\n \"certificate\": {\n \"common_name\": \"example.com\",\n \"dns_names\": [\n \"sub.example.com\"\n ],\n \"csr\": \"<csr>\",\n \"server_platform\": {\n \"id\": 2\n },\n \"signature_hash\": \"sha256\"\n }\n}"
headers = {
'X-DC-DEVKEY': "{{api_key}}",
'Content-Type': "application/json"
}
response = requests.request("POST", url, data=payload, headers=headers)
print(response.text)package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://www.digicert.com/services/v2/order/certificate/{{order_id}}/reissue"
payload := strings.NewReader("{\n \"certificate\": {\n \"common_name\": \"example.com\",\n \"dns_names\": [\n \"sub.example.com\"\n ],\n \"csr\": \"<csr>\",\n \"server_platform\": {\n \"id\": 2\n },\n \"signature_hash\": \"sha256\"\n }\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}var request = require("request");
var options = { method: 'POST',
url: 'https://www.digicert.com/services/v2/order/certificate/{{order_id}}/reissue',
headers:
{ 'Content-Type': 'application/json',
'X-DC-DEVKEY': '{{api_key}}' },
body:
{ certificate:
{ common_name: 'example.com',
dns_names: [ 'sub.example.com' ],
csr: '<csr>',
server_platform: { id: 2 },
signature_hash: 'sha256' } },
json: true };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});{
"id": 112233,
"requests": [
{
"id": 332211
}
]
}{
"id": 112233,
"certificate_id": 111112
}| Name | Req/Opt | Type | Description |
|---|---|---|---|
| certificate | required | object | Details about the certificate. |
| .. common_name | required | string | Domain to be secured. |
| .. dns_names | optional | array | Additional domains to be secured. |
| .. csr | required | string |
Certificate signing request (CSR). See Glossary – CSR requirements |
| .. server_platform | conditional | object |
Server platform type. Required for EV Code Signing certificate orders. |
| .. .. id | required | int |
Server platform ID. Allowed values:
-1 (other)
|
| .. cert_validity | optional | object |
Defines the validity period of the reissued certificate. If not provided, the validity period for the reissued certificate defaults to the time remaining in the Multi-year Plan or the maximum certificate validity period defined by CA/B Forum baseline requirements, whichever is shorter. This object is ignored for reissues that are not associated with a Multi-year Plan. |
| .. .. years | optional | int |
Number of years the certificate is valid after it is issued. Can be replaced with cert_validity.days or cert_validity.custom_expiration_date.Allowed value: 1
|
| .. .. days | optional | int |
Number of days the certificate is valid after it is issued. Overrides cert_validity.years.Max: 397
|
| .. .. custom_expiration_date | optional | string |
A custom expiration date for the certificate. Overrides cert_validity.days and cert_validity.years.Format: dd MMM YYYY (for example, "09 JUN 2021")Range: Must be within 397 days of the date you request the certificate. |
| .. signature_hash | required | string | Hash algorithm used to signing the certificate. |
| .. profile_option | optional | string |
Certificate profile option for the reissued certificate. Allowed values: See Glossary – Certificate profile options |
| .. ca_cert_id | optional | string |
ID of the intermediate certificate authority (ICA) certificate to select as the issuing certificate. To get the ca_cert_id value for an ICA, use the Product list endpoint.Account administrators can customize the default and allowed ICAs for each product at the container or user role level. If you do not provide a value for this parameter, we issue the certificate using the default ICA. If you provide the ca_cert_id value for an ICA that is not allowed, the request returns an error*. To see the custom ICA settings for each product, use the Product limits endpoint.*This parameter is ignored if the option for ICA selection is not enabled for your account. For more information, see ICA certificate chain option. |
| dcv_method | optional | string |
DCV method to use when verifying domain control. See Glossary – DCV methods |
| comments | optional | string | Message about the reissue. |
| skip_approval | optional | bool |
Specify if the order should skip the approval step and be immediately submitted for validation and issued when complete. Default: false
|
| Name | Type | Description |
|---|---|---|
| id | int | Order ID. |
| certificate_id | int |
Certificate ID. Only returned if skip_approval is true.
|
| dcv_random_value | string |
Random value used for domain control validation. Note:
|
| requests | array | List of requests. |
| .. id | int | Request ID. |