What happens when certificate expires


We recently got a code signing certificate that we use to sign our ClickOnce installation.

Will we be able to renew the certificate when it expires? Renewing the same certificate would be preferred, as that would make the ClickOnce just keep working. If we have to buy an all new certificate we will have to find a way to work around this problem.



It is not possible to renew a code signging certificate, you need to buy a new certificate after expiry. But to solve this issue you need to use a timestamping option while signing your application so that when your certificate expires your signed application will not show any expiry warnings.

Please follow the below links to know more abouot timestamping.


As I understand it, using Timestamping will only allow my program to keep running after the certificate has expired, but it will not update. Using a new certificate for signing will force all our users to a manual reinstall. This is the problem that I would like to solve.


For this case I recommend you to buy a code signing certificate with a maximum validity(3 years or above) so that it will avoid signing your application again in a short period of time.


Are you sure you don’t just need to use the same public/private keypair?
One can always create a new CSR using the same.

It’s impossible to supply your own CSR during the Comodo Code Signing application process at this time. Key and CSR generation take place in the browser and are not under the control of the user.

Oh dear. I was about to order one in the next day or two…

That is a serious limitation, especially with SmartScreen reputation etc. all tied to the keys.

Is this likely to change any time soon?

SmartScreen is still in its infancy and its still quite the joke. It does more harm than good as it hurts the “little” guys more so than the big guys. It’s a never ending cycle with Microsoft in this respect.

Re-using the same private key year after year is considered to be bad key hygiene. Just because you can do it doesn’t mean that you SHOULD do it.