Browse by Topic

Reissuing a Symantec SSL

On December 1st, 2017, Symantec migrated its operation of publicly-trusted certificates to DigiCert, a leading global provider of digital certificates. SSL certificates purchased from BigCommerce are provided by GeoTrust, which is a brand of Symantec. If you're affected by this change, you would have received an email with the subject line Your Store's SSL Certificate containing information about reissuing your certificate.

There are no additional costs or fees to reissue your SSL, but you’ll need to do a couple of things to ensure that your customers can view your store without interruption. The steps outlined below will walk you through reissuing your SSL.

If you are on a Standard or Plus plan, contact our support team for additional assistance with reissuing your certificate.

Requirements

You'll need the following information before you can begin:

  • the email address used to order the SSL
  • the order ID

This information was provided to you in our email communication.

Generating a Certificate Signing Request (CSR)

1. Log into your store as the Store Owner, and go to Server SettingsSSL Certificates.

2. Select the domain you want to generate a CSR for. Click Generate a CSR.

SSL options with Third party highlighted

3. Complete the required information. Click Generate CSR.

Form fields to generate a CSR

4. The CSR will be provided on the following page. Click anywhere in the box and copy the entire block of code, including the lines that contain -----BEGIN CERTIFICATE REQUEST----- and -----END CERTIFICATE REQUEST-----. Paste the code into a notepad document. It will be used shortly in the following steps.

CSR code

We'll also email the generated CSR to the store owner's email address. The message has the subject line A new CSR has been generated for your SSL certificate.

Reissuing the SSL

1. Go to GeoTrust's User Authentication page and complete the fields using the information we have provided. Click Continue.

GeoTrust user portal login screen

2. Click Request Access next to your SSL order.

Request Access button on the order information screen

You should be taken to a page with an "Order Access Authentication Email Sent" message. This will prompt the system to send you an approver email with a link to access the GeoTrust portal.

3. Check your inbox for an email from sslorders@geotrust.com with the subject line Order Information Request for [domain]. Click the link that follows "To continue, please visit [link]."

4. You will be taken to a Manage Order page. From the navigation on the left side of the page, click Reissue Certificate (located in the top left).

Reissue Certificate link

5. From the Hashing Algorithm drop-down, select SHA-256 with RSA and SHA-1 root.

Hashing Algorithm dropdown

6. Paste the CSR that was generated in the previous steps into the Certificate Signing Request field on the GeoTrust page.

Text field to input Certificate Signing Request code

7. At the bottom of the page, click I agree to this SSL Certificate Subscriber Agreement. Click Submit.

You should be taken to a page with an "Order successfully submitted" message. Check your inbox for an email from sslorders@geotrust.com with the subject line QuickSSL Premium Certificate Request Confirmation (the SSL type may differ depending on the type of SSL you purchased).

8. Click the link that follows [Name] requests that you come to the URL below to review and approve this certificate request. You will be taken to an Order Review and Approval page. Click I Approve to finish the process.

Installing the SSL Certificate

Once the reissue has been approved, you will receive two files: the SSL certificate and a bundle containing the intermediate certificate. If you receive them in a zipped file, extract them on your computer before proceeding.

1. Open the certificates using a text editor such as Notepad or TextEdit. (You may need to open these programs first, then navigate to your certificate files.) Copy the SSL certificate, including the lines that contain -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.

Example SSL Certificate code

2. In the BigCommerce control panel, go back to Server SettingsSSL Certificate, then click Add a 3rd party.

3. Paste your SSL Certificates into the appropriate fields.

  • SSL Certificate — the SSL certificate (it will not be labeled bundle, CA, or intermediate)
  • Intermediate Certificate — the intermediate certificate (it will be labeled bundle, CA, or intermediate)

4. Click Install SSL Certificate.

Install SSL Certificate button

Your SSL certificate will take approximately 20 minutes to install. After this time, you can use the tools listed below to verify that it was installed correctly.

Testing Your SSL Certificate

You can check your SSL using the following tools:

Was this article helpful?