What does it mean to re-key a certificate?
Re-keying is the process of replacing an existing SSL certificate.
WARNING! Do not revoke your certificate without first speaking with customer support. Once a certificate is revoked it is gone. You cannot re-key a revoked certificate.
NOTE: The original certificate is automatically deactivated when the new one is issued. It is not necessary to request revocation of the old certificate.
Consider re-keying an SSL certificate if any of the following situations occur:
- Loss of your private key
- Compromise of your private key
- Changing hosting providers
- Changing the server the certificate is installed on
- Recovering from a server crash
NOTE: The Distinguished Name (DN) in the replacement SSL certificate must be identical to the Distinguished Name in the SSL Certificate that is being re-keyed. The Common Name, Organization Name, Locality, State/Province, and Country — as entered in the Certificate Signing Request (CSR) — must be the same in both of the certificates. Certificate holders can have their certificates re-keyed at no expense.
If you need to re-key a certificate and do not see that option it is because it has been longer than 30 days since the certificate was issued. Contact customer service for a free re-key token that can be used instead of a revocation.