Renewing a certificate from an Internet CA

 

If you use a well-known, Internet CA to issue the certificate, you can handle the certificate renewal in two different ways. You can renew the certificate directly with the Internet CA and then import the renewed certificate from the file that you receive from the signing CA. Or, you can use DCM to create a new public-private key pair and Certificate Signing Request (CSR) for the certificate and then send this information to the Internet CA to obtain a new certificate. When you receive that certificate back from the CA you can then complete the renewal process.

 

Parent topic:

Renewing an existing certificate

 

Import and renew a certificate obtained directly from an Internet CA

To import and renew a certificate that you obtained directly from an Internet CA follow these steps:

  1. In the navigation frame, click Select a Certificate Store, then select the certificate store that holds the certificate you want to renew.

    Click on the “?” for any panel to answer any further questions you have about completing the panel.

  2. In the navigation frame, select Manage Certificates.

  3. In the navigation frame, click Renew certificate.

  4. Select the certificate you want to renew and click Renew.

  5. Select VeriSign or other Internet Certificate Authority (CA) and click Continue.

  6. Select No - Import the renewed signed certificate from an existing file.

  7. Complete the guided task to import the certificate. When you chose to renew the certificate directly with the issuing CA, that CA returns the renewed certificate to you in a file. Make sure that you specify the correct absolute path for the file where the certificate is stored on the server when you import the certificate. The file that contains the renewed certificate can be stored in any integrated file system (IFS) directory.

  8. Click OK to finish the task.

 

Renew a certificate by creating a new public-private key pair and CSR for the certificate

To renew a certificate with an Internet CA by creating a new public-private key pair and CSR for the certificate follow these steps

  1. In the navigation frame, click Select a Certificate Store, then select the certificate store that holds the certificate that you want to renew.

    Click on the “?” for any panel to answer any further questions you have about completing the panel.

  2. In the navigation frame, select Manage Certificates.

  3. In the navigation frame, click Renew certificate

  4. Select the certificate you want to renew and click Renew.

  5. Select VeriSign or other Internet Certificate Authority (CA) and click Continue.

  6. Click Yes - Create a new key pair for this certificate and click Continue.

  7. Complete the certificate identification form. You must change the New certificate label field, but any other fields can remain the same.

    Click on the “?” for any panel to answer any further questions you have about completing the panel.

  8. Click OK to finish the task.