In a post published a few months ago, I described how to create a free personal certificate using CAcert.org. Owning a personal certificate is a good thing — it allows you to digitally sign emails, documents, software or any other kind of data while proving that it is in fact you who does the signing. But such a certificate is valid only for six months.
CAcert.org sends you an expiration notice 30 days and 15 days before your personal certificate is set to expire.
This gives you ample time to log in to your CAcert.org account, renew your certificate and revoke the old certificate.
Renew and Revoke Online
You can use your old certificate to log into your CAcert.org account. Here is the certificate login link.
Once you are logged in, click
Then select the expired or soon to be expired personal certificate and click on the
You might also want to disable the old certificate’s login capability. To do this, untick the
By allowing a certificate login, that certificate can be used to log in into your CAcert.org account via a secure https link.
Renew the Certificate Locally
However, it is not enough to renew your certificate at the certificate authority’s website. You also need to update your certificate locally, on your own computer.
To install or download your new CAcert certificate, simply click on the underlined email address of the certificate you have just renewed.
This will take you to the certificate’s information page.
Here you can install your new certificate to your browser. Or you can download the certificate in PEM or DER format to your hard drive.
I usually install the new certificate via Mozilla Firefox, then export it to a PKCS #12 (Personal Information Exchange) file, and then import this file to Windows’ native certificate store.
I already described the details of this process earlier here.
Liked this post?
Subscribe to our newsletter to receive early notification of new posts and deals: