Entrust Migration - Partner FAQs

General

How does this acquisition impact me?

All Entrust customers and partners will be migrated to Sectigo. Sectigo and Entrust are working together to provide tools and information to help you during the migration process. Entrust's ECS Public Trust capabilities and the ECS Partner Portal will be end-of-lifed on September 8, 2025.

What Entrust products are affected by this acquisition?

The acquisition includes all public-facing certificates, such as SSL/TLS, S/MIME, Code Signing, Document Signing, eIDAS, and Verified Mark certificates. Private CA offerings are not included.

Will my customers’ SSL.com certificates recently issued through Entrust Certificate Services (ECS) remain valid?

Yes, your customers’ existing SSL.com certificates will remain valid for their entire lifetime. Certificate renwals will be done through the Sectigo CA.

Do my customers need to revalidate their domain(s) for their existing SSL.com/Entrust certificates?

Your customers do not need to revalidate their domain(s) for currently active certificates validated by Entrust. When you transition over to the Sectigo CA, you will need to revalidate your domains.

Will I be able to continue requesting QSeal PSD2, QWAC PSD2, and other eIDAS related certificates with Sectigo?

Yes, you are able to acquire additional eIDAS certificates using this link: https://www.sectigo.com/eidas-products#signing-certs. If you have existing certificate inventory purchase through Entrust, your Entrust rep can provide you with coupon codes you can use to purchase new certificates at no cost on the Sectigo website.

Will I be able to continue requesting Document Signing certificates with Sectigo?

Yes, you are able to acquire additional Document Signing certificates using this link: https://www.sectigo.com/ssl-certificates-tls/document-signing-certificates. If you have existing certificate inventory purchase through Entrust, your Entrust rep can provide you with coupon codes you can use to purchase new certificates at no cost on the Sectigo website.

Where do I get support?

Entrust will continue to provide support for ECS. If there is an issue in the Sectigo Platform/SCM, we recommend getting in contact with Sectigo's support team. You can submit a ticket request with Sectigo support here: https://www.sectigo.com/support-ticket

Who to contact after September 8, 2025?

Email	[email protected]
Live Chat	Retail/Partner Support Portal
Phone	(US) +1 (888) 266-6361 / (International) +1 (914) SECTIGO (732-8446)
Knowledge Base	Retail KB

What's changed for the better: You now have access to specialized support teams with experts dedicated to your customer type, faster response times through streamlined workflows, an expanded knowledge base with comprehensive guides, and proactive updates on services and best practices.

Will ECS be end-of-lifed? If so, when?

ECS for public trust certificate issuance and management is scheduled for end-of-life on September 8, 2025. Customer ECS accounts will need to be migrated to Sectigo prior to September 8, 2025.

Can my customers issue new Sectigo certificates through ECS?

Yes, your customers can renew their expiring certificates or buy new Sectigo certificates directly from ECS. You can find more information on how to do this here: https://files.entrust.com/presentations/ecs-14-1-1-customer/index.html#/

Will there be any differences to my certificate (appearance/functionality/etc.) if they are issued from Sectigo vs. Entrust?

No, there will be no difference between a certificate issued from Sectigo vs Entrust.

If we just renewed our certificate with SSL.com Root CA, will this remain till next year after renewal or will we have to go with Sectigo Root CA?

The SSL/TLS certificate issued from SSL.com will reamin active for the lifetime of the certificate. Renewing the certificate will be issued from a Sectigo CA.

Will I be able to continue requesting VMC certificates with Sectigo?

Yes, you are able to acquire additional VMC certificates using this link: https://www.sectigo.com/ssl-certificates-tls/verified-mark-certificates. If you have existing certificate inventory purchase through Entrust, your Entrust rep can provide you with coupon codes you can use to purchase new certificates at no cost on the Sectigo website.

At which point Sectigo representative will contact us to review what we have and provide recommendations?

If Sectigo and/or Entrust has not reached out to you for a discussion, we encourage customers and partners to reach out to Sectigo to schedule a call.

For customers, it is: [email protected]

For partners, it is: [email protected]

How do I learn more about the details of the migration?

Sectigo will send out additional information prior to the migration date.

Migration - ECS Partner Portal

Will I continue to use the ECS Partner Portal?

Access to the ECS Partner Portal will remain available until mid September 2025. However, after the migration date, the ECS Partner Portal will be in read-only mode for all customers

When can I migrate my customers to Sectigo Certificate Manager?

If you use the Entrust Partner Portal, you will start migrating your customers SCM accounts on July 15, 2025. Your customer and inventory data will be automatically migrated to the Sectigo Partner Platform on July 15, 2025 and you will have the ability to manage and migrate customer ECS accounts at that time.

Will my customers be tagged as managed or unmanaged accounts?

Any customers who are managed by the partner today will be imported as managed customers. Customers who have their own ECS accounts will be imported as unmanaged.

Will I be migrated to a Sectigo Partner Platform?

All partners currently using the ECS Partner Portal will be migrated to the Sectigo Partner Platform in July 2025.

Will I have access to my customers' SCM Accounts?

Sectigo Partner Platform will designate managed and unmanaged customers. Partners will be able to directly log into any SCM acocunt that is designated as managed. Unmanaged accounts will require the customer to log in to administrate.

Migration - ECS to SCM

What are the keys dates regarding the Automated Migration Tool?

June 9, 2025: Sectigo's Automate Migration Tool becomes available in ECS
September 8, 2025: ECS Public Trust End-of-Life.

Customers not migrated by EOL will be automatically moved to SCM.

Read-only access will remain for ECS accounts that complete migration until September 17, 2025.

Can my customers use the Automated Migration Tool?

Yes, the Automated Migration tool will be available to customers sold through the Partner Portal in July. Customers sold outside of the partner portal will have access to the tool in June.

Will I have visibility to all of my previous certificates from SSL.com and Entrust after I migrate?

Yes once you migrate, your SSL.com and Entrust certificates will be visible in Sectigo's platform (SCM).

Who is responsible for using the Automated Migration Tool?

The tool is enabled per ECS account. The party responsible for managing the certificates and operations in ECS must initiate the migration.

How long will I have access to ECS?

Access to the ECS will remain available until September 17, 2025. However, after the migration date, ECS will be in read-only mode for all customers

I have some certificates expiring soon, but I want to prepare for Sectigo. Once all my domains are validated can they switch back to SSL.com on ECS platform?

Sectigo wants to provide assistance on this matter, and we recommend moving to the Sectigo platform sooner rather than late to mitigate and future issues. Please reach out to a Sectigo sales representatives to start this process.

Product

Does Sectigo support ACME?

Yes, Sectigo supports the ability to issue certificates using the ACME Protocol.

What automation capabilities does the Sectigo Portal have? Is there any information available?

Yes, We would recommend to get in contact with your Sectigo sales representatives to learn more on the automation capabilties the Sectigo Platform/SCM can offer. SCM offers robust automation options, including ACME, EST, SCEP, and REST API, that streamline certificate management across diverse environments.

How long does it take Sectigo to validate/verify a domain?

Validating a domain should be within seconds or minutes. However, if a domain control validation is iniitated and not used for a few days, then the domain control validation needs to be re-initiated.