Reissuing an SSL Certificate / Revoking an Old Certificate

Here we show you how to reissue an SSL certificate and then revoke the old certificate.

Manual reissuance of the certificate may be useful or necessary if

  • a new version of the certificate is available, which includes, for example, an improved signature algorithm or an increase in the encryption level.
  • the possibility exists - or has already occurred - that the private key (private key) of the SSL certificate has been compromised.
  • the private key of a user-managed SSL certificate has been lost.

Reissue an SSL Certificate

Step 1

Log in to 1&1 IONOS and select the relevant contract.

Step 2

In the Domains pane, click Manage SSL Certificates.

Step 3

Select the certificate to be reissued (A) and click on Reissue certificate (B) in the Actions menu.

Step 4

Click Reissue SSL Certificate to confirm.

Please note:

  • You can reissue the free SSL Starter certificates as often as you like.
  • You can reissue the other SSL certificate systems up to 6 times a year.
Step 5
  • If your certificate is a user-managed SSL certificate, you will now receive your new private key. Click Download Private Key to save the key to your computer.

Please note: This step is not necessary for 1&1 IONOS-Managed SSL certificates since the newly issued certificate is automatically installed on the customer's webspace and is therefore immediately active.

Step 6

The reissue usually only takes a few minutes. Meanwhile, you can see the current status in the overview. As soon as the check mark appears here, the newly issued certificate is active.

Step 7

Then revoke the old certificate as described below.

Revoking an Old SSL Certificate

Step 1

Select the certificate (A) and click Actions > Revoke Old Certificate.

Step 2

Click Revoke old certificate to request revocation from the responsible certification authority.

You will then receive an email from the certification body asking for confirmation of your revocation.

Step 3

As a final step, you must now confirm the revocation of the old certificate via the link contained in the email.

The old certificate is now invalid and can no longer be used.

Please note: As long as you have not revoked the old SSL certificate, you cannot reissue the certificate.