Reissuance

Overview

This process allows customers replace previously issued SSL Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet.[1] TLS and SSL encrypt the segments of network connections at the Application Layer for the Transport Layer, using asymmetric cryptography for key exchange, symmetric encryption for confidentiality, and message authentication codes for message integrity. Certificates. The following are examples of when reissuance would be relevant:

• Private Key The SSL Key, also known as a Private Key, is the secret key associated with your SSL certificate and should reside securely on your web server. When you create a CSR your web server will also create a SSL Key. When your SSL certificate has been issued, you will need to install the SSL certificate onto your web server - which effectively marries the SSL certificate to the SSL key. As the SSL key is only ever used by the web server it is a means of proving that the web server can legitimately use the SSL certificate. If you do not have, or lose either the SSL Key or the SSL certificate then you will no longer be able to use SSL on your web server. file loss.
• Private Key The SSL Key, also known as a Private Key, is the secret key associated with your SSL certificate and should reside securely on your web server. When you create a CSR your web server will also create a SSL Key. When your SSL certificate has been issued, you will need to install the SSL certificate onto your web server - which effectively marries the SSL certificate to the SSL key. As the SSL key is only ever used by the web server it is a means of proving that the web server can legitimately use the SSL certificate. If you do not have, or lose either the SSL Key or the SSL certificate then you will no longer be able to use SSL on your web server. pass phrase loss.
• Private Key file has been compromised due to the server being hacked.
• Server software platform has been replaced or upgraded
• Moving to a different ISP or Hosting Company.
• If your Organizational Unit (Business) changes

You cannot utilize reissuance in the following cases:

• Your Company Name changes
• Your Common Name The Common Name (CN) is the fully qualified domain name of the Web server that will receive the certificate (e.g. www.yourdomain.ca or webmail.yourdomain.ca). (Domain Name A domain name is an identification string that defines a realm of administrative autonomy, authority, or control on the Internet. Domain names are formed by the rules and procedures of the Domain Name System (DNS).) changes
• Your Province/State/Locality/Country changes

In the above cases, a brand new Certificate purchase is required. This is necessary because the existing Validation information for the original certificate is no longer valid, and the Validation process must be undertaken once again.

Reissuance Process

To reissue your SSL certificate:

1. Log in to your Webnames.ca account.
2. Navigate to My Account> Manage > SSL Certificates
3. View the Issued certificates within your account , and click on the certificate name you wish to reissue
4. Click the Reissue button

 Within the subsequent Reissue section, select the following as necessary:

• Used Stored CSR Key: If no aspects of your web hosting or Admin contact details have changed, it is likely more convenient to re-use the same CSR Key as was previously used. Conversely if there has been a change to your web hosting and/or Admin contact details, you'll want to generated a new CSR. If in doubt, there is no harm in always using a new CSR Key. See also: "Step One: Generating a CSR key"
• Domain Validation: Select your preferred method of confirming ownership and control of the domain name. See also: Domain Validated Certificates
• Hash Algorithm: Select the desired Algorithm (SHA 2-256 being the current standard)
• Subject Alternative Names: For Multi-Domain certificates with available SAN The Subject Alternative Names (SAN) extension allows one SSL certificate to be used to secure one Web server with multiple names (such as a different DNS name, IP address or URI). licenses purchased, provide additional and/or updated SANs

5. Click Submit to send the reissuance order to the certificate authority.
6. Reissued certificates are then subject to the following steps, similar to that of a newly configured certificate:
   • See also: Approval and Validation
   • See also: Issuance
   • See also: Installation