If you lost your private key, changed some contact details of your company, have a new supplier or your certificate was compromised then you need to reissue your certificate.
Please note that the company name can not be changed via a re-issue!
When a reissue is submitted the certificate authority (Comodo, GeoTrust, etc) will generate a new certificate. This new certificate will then be valid for the remainder of the period of the SSL order. This means that if you have a certificate that is valid until the first of October, it will still be valid until the first of October after a reissue. Reissuing a certificate does not cause a renewal of any kind, to renew a certificate you simply order a new one of the same type.
How do I start a reissue?
For single-domain* certificates:
*The process described below is valid for single-domain certificates only. If you have a multi-domain certificate that requires a reissue - please refer to the appropriate section of this article.
First, you will need to find the certificate you want to reissue in your list of SSL certificates. This overview can be found here:
Find the certificate in the list and click on its name and you will be forwarded to our SSL Panel web interface, directly to the order details page.
Click the "Reissue" button in the top right corner of the page:
On the next page you can review your order details, decide what you would like to change and, once you have made up your mind, click the "Generate a new CSR" button:
In the next window you can edit your certificate details, and once you have finished - click the "Generate" button in the bottom right corner of the screen:
Once a new CSR has been generated our system will provide you with a unique RSA private key, which you can find in the next window:
Please make sure to copy and save your RSA key before moving forward - we sent them by email but for safety reasons please keep them in a safe place.
Once you have copied and saved your RSA key tick the checkbox at the bottom of the window and click the "Use this CSR" button.
Once you have performed the actions described above and closed the CSR generation window scroll down to the bottom of the page and click the "Reissue" button.
And that's it! Your reissue request has just been sent to the Certificate Authority, they will contact you shortly.
For multi-domain certificates:
After logging in to your control panel and following the link to the SSL orders list overview (https://rcp.openprovider.eu/ssl/order-overview.php) find the certificate in question and click "Reissue":
On the next page our system will ask you to provide a CSR. You can generate one using a third-party service or our own CSR generation tool. To access it, follow the corresponding menu option under the "SSL certificates" tab:
Please bear in mind, that in order for the newly generated CSR to be valid, the main common name should match the one stated during the initial order. If you would like to change it you should cancel the certificate and request a new one.
Also, make sure to copy and save your private RSA key received during the CSR generation - we do not store backups or provide our customers a copy via email due to security reasons.
After generating and pasting a new CSR click "Next step" and you will be forwarded to the page where you can adjust your alternative names options, if you need to:
Click "Next step" again when you are done.
On this page you do not have to change anything. Just review your certificate details, return back to the previous steps if you need to correct something, and after you have made sure that everything is in order click "Reissue certificate" - doing so will forward your request to the Certificate Authority.
What happens next?
Once you have sent your reissue request to the Certificate Authority you will receive an email from the CA to your confirmation email address. Please read the email carefully and follow the instructions on how to confirm your reissue request. Usually, confirmation comes down to just following a link provided in the email.
Once confirmed, your certificate will be updated, and you can navigate to your order details, download the certificate and replace it on your server together with the RSA private key.