Renewing SSL certificate


#1

Hi I used ZeroSSL.com to create a certificate and got it installed on my domain luxzura.com. I simply gave my hosting provider (Crazy domains) the two txt files it produced. Now is it possible to renew the certificate on ZeroSSL? If so how can it be done?

Otherwise I am going to try to get it auto renewed as this thread outlined: Hosting provider want SSL certificate file to install

If that’s not possible is there any other methods to renew it?


#2

You can renew via ZeroSSL, yes. Basically you follow the same process as you did for obtaining the certificate initially.

Generally Cracy Domains looks as if it provides SSH access to accounts - so you could fairly easily run one of the alternate clients to automatically generate the certs for you.

Some options of cpanel allow you to automatically upload the SSL cert there, from what you say with yout account though you need to email them to your hosting provider to upload them. The main thing I don’t like about that is the “private key” should be exactly that - private, and not sent via an unencrypted email.


#3

Thank you for your message.

So by renewing through zerossl I wouldn’t be required to enter any keys in
on the first screen or anything from the last certificate?

I just checked and CD don’t allow SSH access and didn’t install it that
way, they say they just uploaded the certificate to the server. Plus I
don’t know anything about SSh so would potentially mess it up.

Good point about the unencrypted email, I hadn’t thought of that. So with
this all in mind would you say the best method is by them using AutoSSL for
the renewal? Still waiting to hear back from them if that method is
possible.


#4

Renewal is effectively the same process, but you don’t need to create another LE account or a new CSR for the same domains. On the first step just use the same ones you have used/generated initially. Please note that using the same CSR is not mandatory - you can generate another one for example, but using the same one as before ensures that your domain key stays the same and just the certificate file itself needs to be updated on your server.

NB: When you are using the same CSR as before, the last step (“Certificate”) will only contain your certificate file, but not the domain key - this is normal (basically you should have it already at that time).


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.