To ensure there is no confusion about replacing a certificate: Replacing your digital certificate is a process where your existing certificate (within the same account with us) is revoked, and a new certificate is created.

Reasons for replacement:

This process is normally only needed if your current certificate unusable for some reason.

1. You have misplaced or forgot your private key password.
2. The certificate is missing from your computer.
3. Certificate is not working properly.

A 'Certificate Replacement' can only be accomplished on certificates where we do not have a copy of an encryption certificate private key. Example types: TrustID, ACES, DOD IECA, SWA Standard-Assurance browser, SWA High/Intermediate Signing-Only.

For accounts where we do escrow (save a copy of) the encryption private key, a 'Certificate Replacement' is not an option. A 'Key Recovery' needs to be done instead.

To replace a digital certificate follow these instructions:

1. Log into our online Certificate Management Center:
• If it asks you to choose a certificate to log in with, click 'Cancel'.
• Enter in your account number, and IdenTrust Passphrase. (the passphrase you entered when you first applied for the certificate)
2. Look for the drop-down box under "Valid Certificates". Select "Replace my certificate", and click the 'Continue' button.
3. Click 'Next'.
4. Record your activation code and enter your Passphrase, Click ‘Next’
5. Keep the default setting and click ‘Next’
6. Choose a security level and click ‘Next’:
• High - Requires you to enter a password each time the certificate is used.
• Medium - Will only prompt you when the certificate is being used.
7. Click ‘Finish’ then click ‘OK’
8. Click ‘Next’ then ‘Next’
9. Click ‘Finish’
10. Your certificate is now installed on your computer and ready for use.