Reissuance

Overview

This process allows customers replace previously issued SSL SSL is an acronym for Secure Sockets Layer. It is used for securely transmitting data via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data − a public key known to everyone and a private or secret key known only to the recipient of the message. Many websites, including those that utilize ecommerce or facilitate banking transactions use the protocol to transmit confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http: Certificates. The following are examples of when reissuance would be relevant:

Private Key The SSL Key, also known as a Private Key, is the secret key associated with your SSL certificate and should reside securely on your web server. When you create a CSR your web server will also create a SSL Key. When your SSL certificate has been issued, you will need to install the SSL certificate onto your web server - which effectively marries the SSL certificate to the SSL key. As the SSL key is only ever used by the web server it is a means of proving that the web server can legitimately use the SSL certificate. If you do not have, or lose either the SSL Key or the SSL certificate then you will no longer be able to use SSL on your web server. file loss.
Private Key The SSL Key, also known as a Private Key, is the secret key associated with your SSL certificate and should reside securely on your web server. When you create a CSR your web server will also create a SSL Key. When your SSL certificate has been issued, you will need to install the SSL certificate onto your web server - which effectively marries the SSL certificate to the SSL key. As the SSL key is only ever used by the web server it is a means of proving that the web server can legitimately use the SSL certificate. If you do not have, or lose either the SSL Key or the SSL certificate then you will no longer be able to use SSL on your web server. pass phrase loss.
Private Key file has been compromised due to the server being hacked.
Server software platform has been replaced or upgraded
Moving to a different ISP or Hosting Company.
If your Organizational Unit (Business) changes

You cannot utilize reissuance in the following cases:

Your Company Name changes
Your Common Name The Common Name (CN) is the fully qualified domain name of the Web server that will receive the certificate (e.g. www.yourdomain.ca or webmail.yourdomain.ca). (Domain Name) changes
Your Province/State/Locality/Country changes

In the above cases, a brand new Certificate purchase is required. This is necessary because the existing Validation information for the original certificate is no longer valid, and the Validation process must be undertaken once again.

Reissuance Process

To reissue your SSL certificate:

Log in to your Webnames.ca account.
Navigate to My Account> Manage > SSL Certificates
View the Issued certificates within your account , and click on the certificate name you wish to reissue
Click the Reissue button

Within the subsequent Reissue section, select the following as necessary:

Used Stored CSR Key: If no aspects of your web hosting or Admin contact details have changed, it is likely more convenient to re-use the same CSR Key as was previously used. Conversely if there has been a change to your web hosting and/or Admin contact details, you'll want to generated a new CSR. If in doubt, there is no harm in always using a new CSR Key. See also: "Step One: Generating a CSR key"
Domain Validation: Select your preferred method of confirming ownership and control of the domain name. See also: Domain Validated Certificates

Notice of Deprecation: Email Address for DCV SSL Certificate SSL Certificates are created for a particular server and domain, and are issued by trusted, third-party Certificate Authority (CA) - comparable to your passport. As the Certification Authority, the SSL Certificate vendor authenticates the identity of the purchaser and verifies the business that owns the domain. Verification

Please note this important change in the domain control validation (DCV) process for SSL/TLS TLS is short for Transport Layer Security. The TLS protocol is designed to one day supersede the SSL protocol, however at present few organizations use it instead of SSL. certificates. Effective January 15, 2025, the use of email addresses obtained via WHOIS for DCV will be deprecated. This change is in compliance with the CA/Browser Forum's Ballot SC-80v3, which mandates the discontinuation of WHOIS-based email DCV methods.

Deprecation Date: Starting January 15, 2025, email addresses from WHOIS lookups will no longer be accepted for DCV.

Alternative Methods: Constructed/generic email addresses (e.g. admin@ hostmaster@ etc) will continue to be available for use, however we recommend transitioning to alternative DCV methods such as DNS TXT records.

Existing Validations: Existing domain validations using WHOIS email addresses will remain valid until July 15, 2025, but must be re-validated using non-WHOIS methods before this date.

Impact: Failure to re-validate domains using accepted methods will result in the inability to issue or renew SSL/TLS certificates.

Hash Algorithm: Select the desired Algorithm (SHA 2-256 being the current standard)
Subject Alternative Names: For Multi-Domain certificates with available SAN The Subject Alternative Names (SAN) extension allows one SSL certificate to be used to secure one Web server with multiple names (such as a different DNS name, IP address or URI). licenses purchased, provide additional and/or updated SANs

Click Submit to send the reissuance order to the certificate authority.
Reissued certificates are then subject to the following steps, similar to that of a newly configured certificate: