Solved

Apache ssl cert

Posted on 2013-11-12
7
280 Views
Last Modified: 2013-11-21
I am running apache http server 2.2. I need to renew the ssl cert but am unsure if I need to generate a new csr. Some sites indicate no others say yes. Hopefully someone can give me the correct answer. Thanks
0
Comment
Question by:Sid_F
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 13

Expert Comment

by:Ugo Mena
ID: 39642516
Some sites require you to submit a new CSR if you are changing the domain name or the sitename to something different. Some sites will allow you to renew from the old Certificate.

Best practice is to create a new CSR.
0
 
LVL 13

Expert Comment

by:Ugo Mena
ID: 39642517
once you get the new Certificate issued:

    -Copy your renewed certificate, intermediate certificate bundle and key file (generated when you created the Certificate Signing Request (CSR)) into the directory that you will be using to hold your certificates.

    -Open the Apache httpd.conf file and add the following directives:
        SSLCertificateFile /path to certificate file/your issued certificate
        SSLCertificateKeyFile /path to key file/your key file
        SSLCertificateChainFile /path to intermediate certificate/null
   
-Save your httpd.conf file and restart Apache.
0
 
LVL 6

Author Comment

by:Sid_F
ID: 39642786
I am not changing anything about the domain or site name. How do I know if I need a new csr based on the site
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 13

Expert Comment

by:Ugo Mena
ID: 39642824
It will depend on who issued your Certificate and if you are renewing through the same place.

Where did you get your Certificate from?
0
 
LVL 6

Author Comment

by:Sid_F
ID: 39644252
Yes same place commodo
0
 
LVL 13

Accepted Solution

by:
Ugo Mena earned 500 total points
ID: 39644836
Looks like Comodo CAN use the old CSR but this is their recommendation:

Can I use my old CSR?:

Some web servers will allow this, but we recommend (for security reasons) a new CSR for every renewal.

If you use the original CSR and someone has previously acquired the Private Key without your knowledge then you are still at risk of attacks during encrypted sessions.
If you use a new CSR then anyone possessing the Private Key looses the ability to decrypt your encrypted sessions when you apply the new certificate issued from the new CSR.
0
 
LVL 6

Author Closing Comment

by:Sid_F
ID: 39666242
Thanks
0

Featured Post

Get HTML5 Certified

Want to be a web developer? You'll need to know HTML. Prepare for HTML5 certification by enrolling in July's Course of the Month! It's free for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question