...
Most sites recommend creating a new CSR because creating a new certificate with an identical DN will not invalidate the previous certificate.
Renewing Certificate
In the case of not being able to replace a certificate, instructions are provided by the CA you recieved your certificate from. As an example StartSSL requires you to login to the account that created the certificate and provides your account the option to renew the certificate.
Private Key
You can use your existing private key to generate the CSR or create a new one.
...
Run openssl to generate a new server private key
Code Block |
---|
openssl genrsa -out www.example.com_server.key 2048
|
Generate a CSR with the private key
Code Block |
---|
openssl req -new -key www.example.com_server.key -out www.example.com_server.csr
|
...