Best Answer

Question about Https app

  • 11 September 2023
  • 8 replies
  • 92 views
Daniel
Rank
Userlevel 7
Badge +3

Hi all,

I need to generate a CSR file so that we can renew our SSL certificate. If I understand correctly, the only way to do this is to remove the current certificate by clicking the [REMOVE CERTIFICATE] button shown below. Is this correct?

Also, if I remove the certificate, will our domain still be secure? I thought I'd better check since this operation cannot be undone.

 

icon

Best answer by Alan 12 September 2023, 12:05

View original

8 replies

gstager
Rank
Userlevel 7
Badge +5

Correct.

In order to upload any new certificate docs you must first remove the existing ones.

As I recall, you’ll need to re-upload all parts - you cannot just update one of the files. If some are the same just reupload the same ones.

Greg
KMallette
Rank
Userlevel 7
Badge +5

@Daniel Your site is insecure only for the period until the new certificate is uploaded. Hopefully you can get the full task completed in about 10-15 minutes. If you have to work with your IT department to get your new SSL, I recommend that you give them a ‘heads up’ so they can process the request quickly.

KMallette/Viasat, Inc.
Daniel
Rank
Userlevel 7
Badge +3

@gstager @KMallette Thanks for the replies. Our certificate provider is asking for a CSR file before they can issue our new certificate. I have a CSR file from last year, so I’m wondering if it would be possible to send them this file instead of removing our current certificate in order to generate the new CSR file. Do you know if this is possible? If not, I would seem to be in a Catch 22 situation where I have to remove the old certificate and unsecure the site before I can apply for a new one.

KMallette
Rank
Userlevel 7
Badge +5

@DanielNo, you need to send them a new one because part of the data in the encoded CSR is a date.

Don’t worry too much about the site being unsecured. If the SSL has expired, then the site is already unsecured.  Start your renewal process early in the day, and you’ll be done by noon.

KMallette/Viasat, Inc.
Alan
Rank
Userlevel 6
Badge +2

Hi @Daniel 

I went through the same terror when renewing our certificates the first time!

If it helps alleviate the anxiety, your site is still secure even after you remove the old certificate.  The old certificate actually remains in place and valid until it’s original expiry date.  You can check this through the browser by 1) clicking the padlock in the URL bar; 2) clicking “Certificate is secure” then clicking “Certificate is valid”. Below is what it looks like in Chrome, but it’s similar in Edge.

 

The validity period is then shown in the pop-up. I would recommend putting an annual reminder in your calendar to renew the certificate a few weeks before it’s expiry, so that you have plenty of time to resolve any issues.  

Also, note that after uploading the new certificate, Docebo will state that it was successful and show the new expiry date. But don’t take the LMS’s word for it!  After installing the new one, always use the above browser check to make sure the new certificate really is installed properly. 

Hope this helps!

Alan

Alan Clifford
Daniel
Rank
Userlevel 7
Badge +3

Hi @Alan 

Thanks so much - this is exactly what I was looking for!

Daniel
Rank
Userlevel 7
Badge +3

Just wanted to summarize the answers here for future reference:

  • The old certificate needs to be removed in order to generate the CSR file required to apply for the new certificate.
  • However, the old certificate remains active until the new certificate is uploaded (as long as it hasn’t expired yet).

For more information, please see the help article below.

https://help.docebo.com/hc/en-us/articles/360020125119-Activating-and-Managing-the-HTTPS-App

B
Rank

So, all of this has changed with the new “Domain Management” page.  There is no longer the ‘create a csr’ feature...Why was that removed?

Reply


Terms & ConditionsCookie settings