Certificate signing requests for Thawte renewals
When renewing a Thawte certificate through the links on this page, you will be prompted for a certificate signing request (CSR).
You may or may not need to generate a whole new request: this depends on your server software. Below is a (slightly technical) discussion of the circumstances in which you will or will not need a new request. If you aren't sure, please get in touch before going any further, as getting it wrong may mean you can't use your certificate once it has been renewed.
If you are running Apache, and the country code in your existing certificate is GB, you will generally NOT need to generate a new certificate request, and can reuse your old one instead. The exception to this is if your existing request has a 512-bit key, which is now considered too short for optimum security and is no longer supported by Thawte; in this case, you will need to generate a new private key and then a new signing request.
If you are running Apache, and the country code in your existing certificate is UK, you MAY need to generate a new request -- it will depend on which channel you used to request your original certificate. (Retail will not currently require this; referrer and reseller certificates probably will.) If you're not sure, please contact us for details. The exception mentioned above regarding 512-bit keys also applies in this case.
If you are running IIS (Internet Information Services, Microsoft's web server), then you WILL need to generate a renewal certificate request. If you are running IIS6 and are renewing an SSL123 certificate, you will need to follow these instructions; the standard "generate renewal request" functionality does not work correctly in that instance.
If you are running any other software, please consult this list for guidance. If your software is listed on the "re-signable" list, then you will probably not need a new signing request and can reuse your old one. If it is listed on the "non-signable" list, you will need a renewal request.
Last updated: October 14th 2009
© Copyright Herald Information Systems, 1999 - 2009.