Tips For Managing A PKI Certificate Renewal

One of the most important aspects of any type of Secure Sockets Layer (SSL) or TLS (Transport Layer Security) product is that it provides trust that the Certificate Authority has verified and validated the information supplied by the applicant for the cert.

This is true for an SSL/TLS product for a website domain or for the internal and external domains offered with the UC certificate for Microsoft Exchange and Office Communications servers. As information about the applicants can change over time, each SSL/TLS product has an issuance date and an expiry date.

In fact, the certificate doesn't simply disappear on the PKI certificate renewal date. Instead, the public and private keys that are linked to that certificate are programmed to cease to function on the expiration date. This means that the domain or subdomain will no longer be secure to transmit data as the ability to encrypt the data, provided by the public key, is gone.

There are several different ways to keep track of your PKI certificate renewal. Of course, for large business entities with multiple domains and perhaps hundreds of subdomains, S/MIME (Secure Multipurpose Mail Extensions) certs and other specified SSL/TLS products this can be a complex task.

The Options for Large Business

For those large eCommerce businesses or for companies with hundreds or thousands of Email certs and Personal Authentication Certificates in addition to domain and subdomain SSL/TLS products, Comodo offers several helpful tools.

One of the most effective to use is our EPKI Manager for a business with both SSL/TLS products and Email certificates. This is a web-based console that allows the designated administrator to access all Comodo PKI certificates through one central command system.

This will automatically notify you of any PKI certificate renewal needs, eliminating the worry of these expiration notices being missed or a website falling through the cracks in other types of cert management programs.

This system also allows you to Pay-As-You-Go for use or to make a small deposit on the account. This deposit allows you to lock in very low prices for all Public Key Infrastructure products.

The Enterprise Public Key Infrastructure Manager is set up to allow the administrator to designate specific sub-users with the ability to access the console to issue certs, revoke compromised certs or to view and use specific reporting features as needed.

All certificates issued through the EPKI Manager system are fully backed by Comodo. The benefit is that they are available immediately upon application if you already have the account open with us. Employees can be up and running with new certs or PKI certificate renewal can all be completed with a simple push of a button to keep the website and your email system fully secure and protected.

Individuals and Businesses

For individuals using our free Personal Authentication Certificates or for small businesses with limited SSL/TLS products and Email certs, there may not be the need to use the EPKI Manager.

For these clients, our system is automated to start to send you notices to the email contact provided on your application for the cert about 60 days before the expiration. This provides you with the time necessary to complete the PKI certificate renewal process.

With the domain types of SSL/TLS, it will be necessary to complete a Certificate Signing Request (CSR) from the server where the certificate and private key will be installed. It will also be important to complete all the lines on the CSR even if there are no changes from the last time you applied for and were granted the certificate.

If you cannot remember the username and password to your account, contact our support team. They can give you this information if you are able to correctly provide answers to the questions from your previous application.

The use of the new certificate is important for the ongoing security of your email encryption and digital signature as well as for a website. By installing a new PKI certificate, the existing keys become invalid, ensuring that there is no risk of someone being able to use the keys in a fraudulent way.

If you require any assistance with your PKI certificate renewal process, just get in touch with the support team at Comodo. If you are considering changing SSL/TLS products or have a question about the best option for your website, give our sales team a call at +1 888 266 6361 or visit with them through the live chat system at

Related Articles
Back to TOP