Do I Need to Generate a New CSR to Renew My SSL Certificate?

Like most things in life, it depends. You will need to generate a new Certificate Signing Request (CSR) if you are using the following server types:

• Microsoft Windows Servers
• Tomcat Servers
• Java-based Servers
• Most applications such as firewalls, load balancers, etc.

Some servers, including Apache and NGINX servers, allow you to use the old CSR to renew your SSL certificate and install a new certificate without generating a new CSR, however, security best-practices suggest that you should generate a new private key and CSR when renewing your SSL cert.

If you have any of the above server platforms, you must generate a new CSR before you submit your renewal. 

Please contact our support team if you have any additional problems or questions.