Renewing a certificate from an Internet CA

Edit online

If you use a well-known, Internet CA to issue the certificate, you can handle the certificate renewal in two different ways.

You can renew the certificate directly with the Internet CA and then import the renewed certificate from the file that you receive from the signing CA. Another way you can renew the certificate is to use DCM to create a new public-private key pair and Certificate Signing Request (CSR) for the certificate and then send this information to the Internet CA to obtain a new certificate. When you receive that certificate back from the CA you can then complete the renewal process.

Import and renew a certificate obtained directly from an Internet CA

Edit online
Start of changeImport and renew a certificate reuses the CSR (Certificate Signing Request) that was originally generated on a create certificate request. A new public-private key pair is therefore not created. To import an automatically renewed certificate that was obtained from an Internet CA to replace the existing certificate in the certificate store, follow these steps.End of change
  1. Start of changeIn the navigation frame, click Open Certificate Store, then select the certificate store that holds the certificate you want to renew.
    Note: Click on the “?” for any panel to answer any further questions you have about completing the panel.
    End of change
  2. Start of changeIn the manage Certificates frame, select Import. End of change
  3. Start of changeSelect Server or Client for the certificate type. End of change
  4. Start of changeCheck the box labeled Automatically Renewed Certificate. End of change
  5. Start of changeUse the Browse or Browse Uploads buttons to find the certificate for import and click Continue.
    Note: When you chose to renew the certificate directly with the issuing CA, that CA returns the renewed certificate to you in a file. Use the Upload Certificate option to have the certificate copied to the Upload directory. If manually entering the path and file name, ensure that you specify the correct absolute path where the certificate is stored when you import the certificate. The file that contains the renewed certificate can be stored in any integrated file system (IFS) directory.
    End of change

Renew a certificate by creating a new public-private key pair and CSR for the certificate

Edit online

To renew a certificate with an Internet CA by creating a new public-private key pair and CSR for the certificate follow these steps

  1. Start of changeIn the navigation frame, click Open Certificate Store and select the certificate store that holds the certificate that you want to renew. End of change
  2. Start of changeSelect the certificate you want to renew, expand the actions for the certificate tile by clicking +, and select Renew. End of change
  3. Start of changeSelect Internet CA, provide a new certificate label, and click Renew. End of change
  4. Start of changeSelect Copy to put the CSR text into your buffer to paste into the Internet CA website or file.End of change
  5. Click back to return to certificate management.