Proper SSL renewal procedure

Discussion in 'General' started by yeahright, Oct 19, 2009.

  1. yeahright

    yeahright New Member

    Hi everyone,

    I have a few SSL-enabled client websites, which require annual renewal with the CA provider (in this case, GeoTrust). In order to renew, a new CSR must be generated each time. What is the proper procedure for renewing an existing SSL certificate within ISPConfig, while still being able to keep the current certificate in place until the renewal process is completed (can take up to 72 hours for Business-class certs).

    Presumably if i delete (clear out) the current CSR box within the SSL tab, and choose "Create New Certificate", the newly created CSR and existing certificate will no longer match, and the HTTP service will not restart properly.

    Can anyone clarify?

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    To renew a ssl cert, just take the existing csr (dont create a new one) and let it sign again by the ssl authority. Then copy the certificate that you get back from the ssl authority into the certificate field and select "save certificate" as action and click on save.
  3. yeahright

    yeahright New Member

    Wonderful, didn't realize a CSR didn't need to be re-generated from scratch each time.

    Much simpler! Thanks for the reply.

Share This Page