Video guide on how to reissue your code signing certificate
Step 1. Login to your SSLTrust account and submit a reissue request
If you are not already logged in. Login to your SSLTrust account and view your Code Signing Certificate from DigiCert or Verokey you need to reissue.
On the services management page, click the reissue certificate button.
Because we are doing a reissue of our certificate onto the USB eToken, we already have been sent when we first order and initialised the token. We will select Use Existing Token on the reissue page.
If you are using a token you have been sent within the last 5 years, it will most likely be a 5110+. However, if you want to double check, you can see the token type from the SafeNet client app.
We dont need any value for the server platform, so we will continue by clicking the Submit Reissue Request button.
This will then take us to the validation manager, where you will see the order status and any organisation validations. If you require your organisation to be validated ( as it does expire every few years ), you will need to wait for that to be completed by the DigiCert validation team before you continue to the next steps.
When the reissue is ready to be processed, you will be emailed to approve it. So watch for the email and approve it when it is received.
Step 2. Initialise your USB eToken
When your reissue is approved, access the validation manager ( via your SSLTrust account ), and you will see a new initialisation code.
Plugin in your USB eToken
Copy the initialisation code, and then launch the DigiCert Certificate installer from your desktop. If you no longer have it from when you did your original token initialisation and install, you can download it here: https://www.digicert.com/StaticFiles/DigiCertHardwareCertificateInstaller.zip
Also, if you haven't installed them already, you will need the SafeNet drives installed. It is also a good idea to always download the most recent ones, as they update often.
Go here to download the SafeNet Drivers
With the DigiCert Hardware Certificate Installer launched, go through the initial screens of the terms agreement until you get to the screen to paste in your initialisation code, paste it in and click next.
You must select to delete the existing Certificates and Private Keys on the token, as we are reissuing it and installing new ones.
You will need to select your Key type and size
Enter a name for your token and a token password ( or token pin ).
Now, enter a Token Admin password or select to use the token default, which is "0" 48 times.
Now click Finish, and it will start the process of installing a new Private Key and Certificate. This can take a few minutes to complete
When that is complete, your new reissued certificate will be installed on the USB eToken, and you will be ready to continue your code signing.
Discussions and Comments
Click here to view and join in on any discussions and comments on this article.