Help Center

Version 2.0

• SSL Certificates
• About SSL Certificates

Related Articles

• What is an SSL certificate?
• What is the difference between an SSL certificate and a Wildcard SSL certificate?
• How does an SSL certificate work?
• What is "domain control validation"?
• What is a Wildcard SSL certificate?
• What happens when my certificate expires?
• What is SSL?
• How does the Certification Authority verify domain registrant information?

What Does it Mean to Re-Key a Certificate?

Re-keying is the process of replacing an existing SSL certificate. Specifically, re-keying entails:

• Deleting/revoking an existing SSL certificate
• Creating a new public/private key pair
• Issuing a new SSL certificate

The original certificate is automatically deactivated when the new one is issued.

Consider re-keying an SSL certificate if any of the following situations occur:

• Loss of your private key
• Compromise of your private key
• Certificate does not work properly

NOTE: The Distinguished Name (DN) in the replacement SSL certificate must be identical to the Distinguished Name in the SSL Certificate that is being re-keyed. The Common Name, Organization Name, Locality, State/Province, and Country — as entered in the Certificate Signing Request (CSR) — must be the same in both of the certificates. Certificate holders can have their certificates re-keyed at no expense.

You can only request a re-key within 30 days of initial issuance of certificate. A maximum of two re-key requests is permitted within the 30-day period.