Help Center

Version 2.0

• SSL Certificates
• Working with SSL Certificates

Related Articles

• Generating a Certificate Signing Request (CSR)
• Recognizing Secure Certificates as Valid on Palm OS Devices
• Protecting My Site Against the SSL Vulnerability in Debian GNU/Linux
• Changing the Common Name of a Certificate
• Removing the Advertisement Link from Your SSL Site Seal
• Revoking an SSL Certificate
• Creating a Web Control Page for SSL Validation

Re-Keying an SSL Certificate

Re-keying is the process of generating a new private key for your existing SSL certificate. Your Web server uses the private key to decrypt secure information.

You should re-key your SSL certificate when:

• Your server crashes.
• You lose your private key.
• You move your website to a new server.
• You want to change your SSL certificate's signature algorithm. For more information, see Which secure hash algorithm should I use for my SSL?
• You want to change your SSL certificate's issuing organization. For more information, see Using the Right Issuing Organization for Your SSL.
• You change the encryption level of your SSL certificate. For more information, see Why do you require a 2048-bit key for my CSR?

Before You Begin

Before you can re-key your SSL certificate, you must generate a new certificate signing request (CSR) from your Web server. For instructions, see Generating a Certificate Signing Request.

The information in your new CSR must be identical to the information for your existing certificate. You cannot change the certificate details, such as the organization or domain name. If you need to change your certificate details, you must revoke the certificate in your account, purchase a new SSL credit, and complete the SSL request again.

NOTE: We automatically deactivate the previous certificate when we issue the new, re-keyed certificate. Do not revoke unless you are certain you want to cancel the existing certificate. When you revoke, the SSL credit is canceled and you cannot re-key the certificate.

To Re-Key an SSL Certificate

1. Log in to your Account Manager.
2. Click SSL Certificates.
3. Next to the certificate you want to re-key, click Launch.
4. Go to the Manage Certificates tab.
5. In the Filters list, click Certificates.
6. Select the certificate(s) you want to re-key, and then click Re-Key. The Re-Key Certificate page displays.
7. If your domain name uses our shared hosting, and you want to switch to third-party hosting or one of our virtual private or dedicated servers: For What would you like to do?, select Un-install this certificate.

   NOTE: This operation removes your existing SSL certificate from your shared hosting account, causing temporary website downtime for up to 72 hours.

8. In the CSR field, paste your new CSR, including ----BEGIN NEW CERTIFICATE REQUEST---- and ----END CERTIFICATE REQUEST----.
9. Select a Signature algorithm and a Certificate issuing organization, and then click Re-Key. We'll send you an email message with instructions to validate and download your certificate.

We'll remove the old certificate from our system within 24 hours. To ensure continuity of service, you must install the re-keyed certificate immediately. For instructions, see Installing an SSL: Server Instructions.

• Not helpful
• Somewhat helpful
• Helpful
• Very Helpful
• Solved my problem