What Is Included in a BIMI Certificate Renewal Service?

Published On: June 23, 2026Read Time: 3 minutes
Direct Answer

A BIMI certificate renewal service covers the reissuance of a VMC or CMC — including CA revalidation of trademark and organization identity — plus deployment of the new certificate and confirmation that logo display resumes without a gap. The service scope varies by provider. What it does not cover is trademark renewal, DMARC configuration changes, or SVG logo work unless those are explicitly included in the service agreement.

Core Components of a Renewal Service

  1. 1
    Certificate revalidation coordination

    Liaison with the issuing CA to initiate the revalidation process. This includes confirming the trademark is still active, the organization identity is current, and the logo has not changed materially since original issuance.

  2. 2
    Documentation gathering and submission

    Collecting the trademark registration record and organizational identity documents required by the CA for renewal. Incomplete documentation is the most common cause of renewal delays.

  3. 3
    New certificate issuance

    Receipt of the replacement certificate from the CA after validation is complete. The new certificate is typically issued for a 1–3 year term depending on the CA and the certificate type.

  4. 4
    Certificate hosting and deployment

    Updating the hosted certificate file at the URL referenced in the BIMI record’s a= tag. If the URL changes, this also includes updating the BIMI DNS record accordingly.

  5. 5
    Post-deployment verification

    Confirming the new certificate is accessible, the BIMI record resolves correctly, and logo display has resumed in target inboxes. Includes running the BIMI checker to verify the end-to-end configuration.

What Is Typically Not Included

Renewal services cover the certificate and its deployment. The following are not included by default unless the renewal package or provider service explicitly includes them:

Trademark renewal. Keeping the trademark registration active with a recognized VMC trademark office is the domain owner’s responsibility. A lapsed trademark during renewal becomes a new application, not a renewal.

DMARC remediation. If DMARC enforcement has degraded since the original setup, restoring it is not included by default and requires a separate arrangement. See DMARC Services for that scope.

SVG logo updates. Logo validation and conversion work is not included by default. If the logo has changed materially, a new certificate application — not a renewal — is required. See Do I Need Revalidation During VMC Renewal?

Renewal services initiated 30–45 days before certificate expiry have enough time to complete without a logo display gap. Services initiated within 2 weeks of expiry risk a gap if CA revalidation encounters any delay.

Frequently Asked Questions

Does the renewal service apply to both VMC and CMC certificates?

Yes, the core renewal scope applies to both. The main structural difference is that VMC renewal requires trademark revalidation at a recognized office, while CMC renewal — which does not require a registered trademark — involves a different identity verification scope. Confirm the exact revalidation requirements with the CA for your certificate type.

Will my logo display go dark during renewal?

Not if the renewal is completed and the new certificate is deployed before the current one expires. Logo display requires a valid, accessible certificate at the a= URL at the time each message is evaluated. As long as a valid certificate is always present, there is no interruption to display.

Can I switch Certificate Authority during renewal?

Switching CA during renewal is effectively a new application rather than a renewal, since the new CA must complete its own full validation regardless of prior issuance. It is possible but requires more time. For CA switching guidance, see Switching VMC Providers: What to Expect.