Partner Blog 04-26-2018

Increased Renewal Window

Tobias Zatti

I promised a release this week, specifically on 26 April. And that’s exactly what (and when) we’ll be delivering!

I’m especially proud at my team for this release. They have rolled out a couple new features, while at the same time smashing over 20 bugs in our system! And that in only 7 days—and right on time! Well done, folks.

With over 20 bugs resolved, I won’t (as usual) go into details of what was fixed where  because (as usual) if you were affected by one of the bugs, we’ve been in touch about it already. Regardless, just know that we’re constantly working on improving our systems, making them more robust and better adjusted to your needs.

210-Day Renewal Window

Google asked us to reissue all certificates originally issued through the Symantec hierarchies (including GeoTrust, RapidSSL, and Thawte) by September 13, 2018 (for the Chrome Beta release) / October 23, 2018 (Chrome Stable release).

For some of you reading this, reissuance can be a lot of work, especially when a certificate expires just a couple weeks or months after it’s been reissued. To mitigate this, we increased our renewal window for 1-year renewals for all certificates issued before 1 December 2017 across the GeoTrust, Symantec, RapidSSL, and Thawte brands. This means you can now and renew these certificates up to 210 days before expiration.

This extended renewal window is limited to 1-year certificate renewals due to a recent CA/Browser Forum Baseline Requirements change, which prevents CAs from issuing certificates with lifetimes greater than 825 days.

That said, as a bonus feature, upon reissuance of these certificates, we will round-up the remaining days on your freshly baked renewed certificate to the next full number of months.


Your certificate expires in 131 days—in roughly 4.5 months. Instead of waiting to renew it in 41 days, you decide to renew the certificate today. You’ll receive a replacement certificate with a lifetime of 1 year plus 5 months. The additional half-month worth of bonus days is complimentary.

We hope this feature makes it easier (and truly beneficial) for everyone to replace their certificates.

Improved Bulk Reissuance Tool

As part of the same certificate reissuance project, we introduced a bulk reissuance tool earlier this year, which helps our partners to reissue gobs of certificates at once.

We have continuously worked on improving the tool to meet your needs, including this release’s added capability to resend DCV emails as well as fulfillment emails—in bulk. It’s easy to do: , and we’ll do it for you. Contact your Account Manager to get more information about the exact process. This even works outside of a bulk reissuance context. We hope this makes your life easier.

Next Release: 14 May 2018

The mindful reader of this blog will have noticed that we usually release in a 14-day cycle. However, we are stretching the next release a bit further to May 14th to fit in additional features, instead of making them wait until the end of May.

The 14 May release will deliver some cool great features, including:

  • We will allow 12 and 24 month certificates in the pilot environment, as opposed to just 7 days today. Of course, you will still be able to issue 7-day certs, but we will no longer force a 7-day default if the order is actually for one or two years.
  • File Validation for Revocation requests will return. It’s been suspended since the switch to our OEM platform.
  • You wanted it—and soon you’ll get it: you’ll be able to add SANs to orders that didn’t have SANs in the original request.
  • There will also be some improvements on reporting. But wait for it: I’ll provide more detail when the release goes live.

I’m excited about this next release and hope you are too!

Check back to this blog to discover more updates and other insights about what we are working on!

As always, your direct feedback is appreciated.


3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories


What Is A CA’s Role In Delivering Digital Trust?


The Entrust distrust: Key takeaways for CAs and organizations


How to Secure Quantum Computing in the Cloud