Why would I need to re-issue my SSL Certificate?
During the validity of the certificate you may need to re-issue it for the following reasons:
- You want to setup the website again on the same or different web server and you have lost the private key
The private key is associated with the CSR using which the certificate was generated. So the certificate and private key are linked. You cannot generate a new private key and use the certificate with the new key since the certificate will not work with any other key. Your only option then is to use a new CSR to re-issue the certificate from your Order Details page. Then use the Private key generated with the new CSR to setup the certificate.
- You believe the certificate security has been compromised
Sometimes certificate files such as private key and certificate may fall into the wrong hands either as a result of hacking, local computer access, etc. In such cases it is possible that these files can be used to compromise your website's security. Generate a new CSR - Private key pair and use the new CSR to re-issue the certificate from your Order Details page.
- You believe the certificate has not been issued correctly
Use the same CSR you used to request the original certificate to re-issue the certificate from your Order Details page.
What should I keep in mind when re-issuing the SSL Certificate?
Requesting certificate re-issue is simple and only needs you to provide a CSR. You must either use the original CSR saved on your server or make a new one (recommended for security reasons). When using a new CSR you need to ensure that you have generated it using the exact same Common Name. more info on CSR generation
Sometimes a SSL certificate's validity is set to change when re-issued due to decisions taken by the CA/B forum, a discussion forum for Certifying Authorities and web browser owners. An example of such a case is in this post where SSL certificates already issued for 2 years will not be distrusted by Apple's Safari web browser and will remain unaffected unless you re-issue them on or after 1st September 2020.
For every re-issue request, depending on the Certifying Authority (CA), you may need to do a Domain Control Validation (DCV) check to ensure that the re-issue is being requested by the domain owner or an authorised person. more info on Domain Validation
Once the certificate is re-issued, the previously issued certificate will be revoked by the CA. Continuing to use the previously issued certificate file may end your website trust.
Hence, after getting your re-issued certificate files you should replace the current certificate files on your web hosting/server. You may even need to restart the web server for the new certificate files to be used.
Is there any cost or limit to re-issue my SSL Certificate?
Currently, re-issuing your SSL certificate is FREE of cost and you can re-issue your SSL certificate UNLIMITED times during it's validity.