How to Re-Issue Your SSL Certificate on RapidSSLOnline.com
Over the course of your SSL certificate's lifespan, it may be necessary for you to reissue it at some point. This can happen for a number of reasons:
- Replace expiring certificate with time left on plan
- Private key lost or compromised
- Add or remove additional domains (SANs)
- Industry updates
- Changing hashing algorithms
- Moving servers
The good news is that, outside of time, it probably won't cost you anything–most SSL certificates come with unlimited free reissuances for their entire lifespan. Below you will find instructions on how to reissue your active certificate(s) from your CertPanel dashboard.
1. Generate CSR
Before you re-issue your SSL Certificate, make sure that you have the appropriate CSR. For that, you may use either one of the following:
- Original CSR– this is the old CSR you used to issue the certificate previously (note: only do this if you still have access to the Private Key that was generated with that CSR).
- New CSR– create a new CSR using either an online tool or directly from your webserver (recommended – you can find instructions on how to generate a new CSR on your server here).
Note: If you generate a new CSR, make sure you save your Private key in a safe place. You will need it to install the re-validated certificate later.
2. Go to CertPanel dashboard
If you're not already there, login to your RapidSSLOnline account and click My Dashboard to go to your CertPanel.
3. Locate Order
There are several areas you can go to find your order.
If the certificate is expiring soon, click the View All button in either Re-Issue/Renew in 7 days or Re-Issue/Renew within 30 days.
Assets List
The Assets list can help you find orders by the domain name. Click Manage to view the Asset details page.
On the details page for your Asset, check for Issues and actions required, or click Manage to check the associated SSL certificates.
In the SSL certificates list, click the view button to check the full order details. If the certificate is expiring, click "Issue New Certificate" to start the re-issue process.
4. View Order Details
On the Active Order details page, click "Re-Issue the SSL Certificate" to start the re-issue process.
5. Certificate Enrollment
Re-issuing a certificate follows the same steps as when you enroll a new certificate.
Make the necessary selections on the enrollment form and upload your CSR. Double-check your domain information before continuing.
Select your preferred domain validation method: Email, DNS, or File. Instructions for DNS and file-based validation are provided after you submit the re-issue request.
Advanced Configurations
Some advanced settings are available here:
Domain Scope for Validation - change the "scope" of validation to the base domain or the exact domain name listed on the certificate. The scope does not change what domain is on the certificate, but it can make it easier to receive emails or set DNS records on a specific sub-domain.
Enable Client Extended Key usage (EKU) - check this option if your server requires Client Authentication key usage.
6. Submit Re-issue Request
Click the Continue button when you're ready, then double-check the information and submit.
7. Complete Validation
When you re-issue a certificate, you are usually required to at least complete domain validation.
For Organization Validation (OV) and Extended Validation (EV) certificates, you may be required to undergo re-validation with the Certificate Authority. While the re-validation process usually happens quickly, it may be necessary that you complete another verification phone call with the CA. Your certificate organization contact should receive emails from the CA if any action is required to complete validation.
8. Install the New Certificate
After you complete the validation process and have received the reissued SSL Certificate, you can proceed to installing the new certificate. You can find instructions on installing SSL on different servers on our Installation page.