renew the ssl Certificate

[mist_firefly]

I need to renew the SSL Certificate on the server.

We have plesk 10. At the moment we have an ssl certificate that will expire in June.
If I understand it right I need to first do : http://support.godaddy.com/help/article ... n&ci=46061
And then change it on the control panel.
Do I need to add a new certificate through the control panel and put the information there? Or do I just modify the current one?

Is there a tutorial on how to do that and do I need to change other things or just doing that on the control panel is enough?

I know that the previous certificate will be deactivate when a new one is issued, re-keyed certificate - would that affect domains?

Thank you.

[faris]

Godaddy allows you to use the current CSR (certificate signing request) which, technically, allows you to generate a new certificate within Godaddy's interface and then past the new certificate details over the existing one in the Panel.

However, I never do that. I generate a new CSR every time. To do this:

I login to Plesk, click on Add new certificate, generate the CSR, then copy and paste that into the Godaddy interface in the appropriate place.

Once the certificate has been processed by godaddy, approved and generated, I then download it (select Plesk from the drop down), then copy the certificate part into the certificate text box in Plesk, and the CA certificate(s) (sometimes there are two or even three CAs) into the CA text box in Plesk and click on OK or whatever the button in Plesk says when you are finished.

Note that copying and pasting can be tricky: at all stages you need to make sure the right column aligns - i.e. that you don't get line breaks where there should be none.

You then need to change which certificate the domain (or panel) uses in Plesk - from last year's to this new one. That's the "hardest" part but for a domain you'll find it in the Show advanced options -> website scripting and security.

Also note: If you are adding the certificate to protect a domain, add the new certificate in the domain's part of the control panel. If you are adding a certificate to protect Plesk, add it in the admin part of the control panel.

If you want to use the certificate to protect plesk and also to protect a domain of the same name (e.g. your-hosting-company-name.tld), you'd add it in the admin part, then select if in the certificate drop down in the domain's control panel (again in Website scripting and security).

This is all far easier to do than to explain.

[prupert]

You then need to change which certificate the domain (or panel) uses in Plesk - from last year's to this new one. That's the "hardest" part but for a domain you'll find it in the Show advanced options -> website scripting and security.

Also note: If you are adding the certificate to protect a domain, add the new certificate in the domain's part of the control panel. If you are adding a certificate to protect Plesk, add it in the admin part of the control panel.

If you want to use the certificate to protect plesk and also to protect a domain of the same name (e.g. your-hosting-company-name.tld), you'd add it in the admin part, then select if in the certificate drop down in the domain's control panel (again in Website scripting and security).

This is all far easier to do than to explain.

Great explanation.

Alternatively, you can just add the SSL Certificate under Server Settings. When the SSL Certificate is fully installed (you have uploaded the Certificate and CA Certificate) you can assign it to an IP Address under Server Settings. That's all and prevents you from having to make any domain-specific configuration. We have found out that under some circumstances this can be preferable.

Although you can often re-use the previous CSR, from a security perspective it is recommended to always generate a new private key and CSR.