Rekey my certificate

Re-keying an SSL certificate refers to creating a new private key for your certificate, which is used in the process of encrypting and decrypting data sent from and to your website.

Note: Re-keying is only available to certificates installed on customers' own servers, or for Add On domains on cPanel or Plesk hosting.

By creating a new private key, you invalidate your certificate's old private key; this means you must install your new, re-keyed certificate within 72 hours of re-keying.

You should re-key your SSL certificate when:

  • Your server crashes.
  • You lose your private key.
  • You move your website to a new server.
  • You change your SSL's domain.
  • You want to change your SSL certificate's issuing organization. For more information, see Using the Right Issuing Organization for Your SSL.

Before You Begin

Before you can re-key your SSL certificate, you must generate a new certificate signing request (CSR) from your Web server. For instructions, see Generate a CSR (certificate signing request).

The information in your new CSR must be identical to the information for your existing certificate, i.e. you cannot change the organization's information (although you can change the domain name you're securing). If you need to change your certificate details, you must revoke the certificate in your account, purchase a new SSL credit, and complete the SSL request again.

Note: We automatically deactivate the previous certificate when we issue the new, re-keyed certificate. Do not revoke unless you are certain you want to cancel the existing certificate. When you revoke, the SSL credit is canceled and you cannot re-key the certificate.

To Re-Key Your SSL Certificate

  1. Log in to your GoDaddy account.
  2. Under SSL Certificates, next to the certificate you want to use, click Manage.
    Manage
  3. On the Certificate Details page, click Rekey & Manage.
    Manage
  4. Click Re-Key certificate.
    Re-key Certificate
  5. In the Certificate Signing Request (CSR) field, paste your new CSR, including ----BEGIN NEW CERTIFICATE REQUEST---- and ----END CERTIFICATE REQUEST----, and then click Save.
    Paste CSR
  6. Click Submit All Saved Changes.
    Submit Saved Changes

Your newly re-keyed certificate will become available shortly after submitting the new CSR. You will need to download and install your new certificate within 72 hours of rekeying your certificate in order to keep your server secure when the old certificate is terminated.

Next steps

More info


Was This Article Helpful?
Thanks for your feedback. To speak with a customer service representative, please use the support phone number or chat option above.
Glad we helped! Anything more we can do for you?
Sorry about that. Tell us what was confusing or why the solution didn’t solve your problem.