Pkafkas
asked on
The difference Between a new SSL Certificate and Re-Keying an SSL Certificate
We have an SSL Certificate that will expire soon. The current SSL Cert is issued from a Certificate Authority and it is used for Captive Portal (Guest) user access to allow guest users to login to our WiFi using a username/password.
The current Domain name is something generic as "WIFI.DOMAIN.COM". I have instructions on how to generate a new .csr for this appliance: https://community.arubanetworks.com/t5/Controller-less-WLANs/How-to-Create-a-Certificate-for-Instant-Captive-Portal-using/ta-p/277025
The instructions are pretty straight-forward; but, my questions are:
1). Will I need to create a new SSL Certificate for a new Domain Name (example: OFFICE.DOMAIN.COM) ? or can I re-key the existing SSL Certificate and use the same domain name?
2). What is the difference between Re-Keying the existing SSL Certificate and creating anew one?
The current Domain name is something generic as "WIFI.DOMAIN.COM". I have instructions on how to generate a new .csr for this appliance: https://community.arubanetworks.com/t5/Controller-less-WLANs/How-to-Create-a-Certificate-for-Instant-Captive-Portal-using/ta-p/277025
The instructions are pretty straight-forward; but, my questions are:
1). Will I need to create a new SSL Certificate for a new Domain Name (example: OFFICE.DOMAIN.COM) ? or can I re-key the existing SSL Certificate and use the same domain name?
2). What is the difference between Re-Keying the existing SSL Certificate and creating anew one?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You would like to preserve the current key (the private key never left your server if you did create the CSR correctly). So a new CSR and get that signed should be sufficient.
noci is correct. I was referring to reissuing a certificate (where a CA would allow you to re-key a certificate - at no charge - if the private key was compromised).
There is no problem in extending a certificate by creating a new CSR and submitting to the CA (you'll be charged for the new certificate).
There is no problem in extending a certificate by creating a new CSR and submitting to the CA (you'll be charged for the new certificate).