RENEWALS
Note: Certificates may be renewed beginning 90 days prior to the current expiration date.
OVERVIEW
Just like a new purchase, SSL certificates much be renewed, configured and installed prior to their expiration date in order for functionality to continue and not be disrupted.
RENEWAL VS. REPURCHASE
At Webnames, the difference between renewing an SSL Certificate and purchasing a new SSL Certificate (for the same name) is simply that when choosing the renewal option, we automatically reuse your configuration data from your previous purchase/renewal. This configuration data includes the CSR as well as the SSL Contact Information selected. This then allows you to skip Steps One, Two and Three in the table below.
| Step | Description | Who | Where |
1 | CSR Generation | To start the Configuration Process, a CSR Key must be created using the web server hosting your website. | You | Typically In your hosting control panel |
2 | Certificate Configuration | The following information is gathered and sent to the certificate vendor for validation:
| You | The Not Configured section of the SSL Management page in your Webnames account, here. |
3 | Validation | The certificate vendor validates the authenticity of your order and your ownership of the associated domain. Validation is performed differently for different types of certificates | You and the certificate vendor | Typically via email. |
4 | Issuance | Once validation is completed, the SSL certificate is delivered by the certificate vendor via email to you | You | Typically via email, but will also appear in the Issued section of the SSL Management page in your Webnames account, here. |
5 | Installation | Once received, the SSL certificate is copied from your email and installed on the web server hosting your website. | You | Typically In your hosting control panel |
6 | Site Seal Installation | As an optional last step, the site seal from the vendor is installed on your website to show visitors that your website is secure. | You or your webmaster | In the code of your websit |
CERTIFICATE AUTHORITY (CA) REQUIRING A NEW CSR KEY
While most renewals do not require that a new CSR be utilized, there are two scenarios where a new CSR key is necessary:
The server or contact / organization information has changed since the last certificate renewal
The server type which the certificate is installed utilizes a CSR format in which each CSR is unique, and cannot be reused.
The following web server types require that a new CSR key be used upon each SSL Certificate Renewal:
All versions of Microsoft’s IIS server
Tomcat servers
All Java based servers
For these server types, begin the Renewal process by obtaining a new CSR (or ‘Renewal Request) from the relevant web server.
RENEWING AN SSL CERTIFICATE
Once a current CSR key has been obtained, or if your server type does not require that a new CSR key be used for the purposes of renewal, perform the following steps:
Process Overview
Click on the certificate/domain name in question, and then click the RENEW button
Select whether or not to reuse the CSR from the previous year (if nothing has changed since last year, check this box)
Proceed with payment via our website Shopping cart.
If you chose to not reuse the previous year's CSR or configuration data, proceed through configuration as if this were a new SSL certificate. See SSL Configuration for more info/
APPROVAL AND VALIDATION
For most certificates types wherein the same CSR and contact information is reused from the previous renewal (or initial purchase etc.), the validation process by the SSL vendor is not necessary, and thus not performed. If however you did chose to use a new CSR and/or configuration information, then validation will also be necessary.
ISSUANCE
The renewed SSL Certificate is issued in the exact same manner as a newly purchased certificate.
INSTALLATION
The issued SSL Certificate is the installed in the exact same manner as a newly purchased certificate.