...
With Apache it is possible to renew the SSL Certificate with the original CSR, however, most sites recommend creating a new CSR.
Most sites can recommend creating a new CSR because creating a new certificate with an identical DN will not invalidate the previous certificate.
...
| Info |
|---|
There is no clear consensus on whether creating a new or using an old private key is considered best practice. It is not necessary to create a new private key depending on which web server you are using, (ie you'd need to create new private keys due to the way Microsoft IIS Web server handles storing private keys) but many sites like sslshopper.com recommend that a new private key be created as it avoids confusion and is simplest. |
| Warning | ||
|---|---|---|
| ||
Duncan the sentence "It is not necessary to create a new private key depending on which web server you are using, (ie you'd need to create new private keys due to the way Microsoft IIS Web server handles storing private keys) but many sites like sslshopper.com recommend that a new private key be created as it avoids confusion and is simplest." does not make sense to me. We'll talk about it tomorrow. |
Condensed instructions are as follows:
...