Skip to main content

You will be provided with a retrieval kit and instructions for using our online website to retrieve your certificate, found HERE. You will need to provide the Account Password that you chose when you applied for your certificate. 

As a security measure, your activation code is valid for only one use.  If your computer has had hardware or software problems and your certificate has been lost or corrupted, you will need to replace your certificate. If you wish to use your certificate on another computer, you will need to export your existing certificate to that computer.


Visit our How Do I library for information about how to replace or export your certificate.

Installation instructions will vary depending the OS that is used.  Please visit our How Do I library for detailed instructions for installing your server certificate and the associated root chain.

To ensure there is no confusion about this: a key recovery, when initiated by the end-user, is a process where your previous signing certificate is revoked, new keys for it are created, and a new signing certificate is created (with the same information and expiration as before). It also allows for the same/original encryption certificate and keys to be retrieved again.


This process is normally only needed if your current certificate keys are currently unusable for some reason (deleted, forgotten private key password, etc.).


A key recovery can only be performed where IdenTrust stores a copy of (or escrows) the encryption certificate private key. (Please note that we NEVER have a copy of your signing-certificate private key). In some cases, depending on the type of certificate, we cannot recover your encryption keys.


For accounts where we do not escrow the encryption private key, or accounts that do not have encryption capability, a key recovery is not an option; however, you may be able to initiate a certificate replacement instead.  Visit our How Do I library to learn more about certificate replacement.


To Initiate a Key Recovery:

If your organization has set up a "Certificate Coordinator" or "Local Registration Agent" with us, you can contact them to initiate the key recovery. Otherwise, please follow these steps to initiate the key recovery: 


  1. Access the Certificate Management Center. If you are prompted to choose a certificate to log in, click Cancel.

  2. Enter your account number and your account password.

      -  The account number was sent to you in a physical letter after your account was approved.
      -  The account password is the one that you provided online when you applied for your certificate.

  3. In the section showing your Valid Certificates make sure your current encryption certificate is selected.

  4. In the drop-down box under Valid Certificates, select I would like to request recovery of my certificate

  5. Click the Continue button.

  6. Follow the onscreen instructions to complete the key recovery request.


Note: This request needs to be processed and approved by a member of our Registration department. A new notification with new retrieval information will need to be sent before your new certificate can be retrieved.