Over the course of your SSL certificate’s lifespan, it may be necessary for you to reissue it at some point. This can happen for a number of reasons:
- Your private key has been compromised
- You are adding/removing SAN’s
- Industry updates
- Changing hashing algorithms
- Moving servers
The good news is that, outside of time, it probably won’t cost you anything–most SSL certificates come with unlimited free reissuances for their entire lifespan. Below you will find instructions on how to reissue your active certificate(s) from your SSL providers control panel.
1. Generate CSR
Before you re-issue your SSL Certificate, make sure that you have the appropriate CSR. For that, you may use either one of the following:
- Original CSR– this is the old CSR you used to issue the certificate previously (note: only do this if you still have access to the Private Key that was generated with that CSR).
- New CSR– create a new CSR using either an online tool or directly from your webserver.
Note: If you generate a new CSR, make sure you save your Private key in a safe place. You will need it to install the re-validated certificate later.