Replace an SSL Certificate from Symantec Trust Center account

Solution ID:    SO7146    Updated:    01/30/2017


An SSL certificate requires a Public and Private key. The Private key is a critical component and it is stored in your Web server or SSL appliance and cannot be replaced by Symantec. Problems with the private key can include:
Accidental deletion/removal
Lost Private Key
Server crash
Note: All replacements (for any reason) are free of charge. If you are changing any information on the SSL certificate such as Common Name, Organization, etc. you are not eligible for a replacement and must enroll for a new certificate.

Watch Symantec’s Tutorial Videos for a more visual experience!

Note:  If you are unable to view the video, please click here to go directly to the video source.

Replace certificate
  1. Go to the Symantec Trust Center account.
  2. Enter the account Username and Password > click Sign In
    Note:  Click here if you do not remember the Username or Password.
  3. From the list, select the appropriate certificate to replace
  4. Under the Order summary tab, click Replace
  5. Generate a new Certificate Signing Request (CSR) from your Web server using the same information as the original certificate. This includes the following fields:  Organization, Organizational Unit, Common Name, Country, City/Locality &  State
    Click here for CSR generation instructions.
  6. Select Server Platform
  7. Paste the CSR contents into the text box and select the Signature hash algorithm by clicking Edit
  8. Click Submit CSR
    Typical processing time for a replacement certificate is 24 hours. You should receive a confirmation e-mail within an hour after enrolling for the certificate. For order status, please log into the Symantec Trust Center account.

Replacing an SSL certificate does not add the certificate to Certificate Revocation List (CRL) or immediately flag the certificate as revoked status through Online Certificate Status Protocol (OCSP) responder.

The previous issued certificate should be removed from the server or device. Once the latest replacement issued certificate confirmed working, you need to revoke the previous certificate. Click here for instructions to revoke a SSL certificate.


Legacy ID



RapidSSL has made efforts to ensure the accuracy and completeness of the information in this document. However, RapidSSL makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. RapidSSL assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document.  Further, RapidSSL assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. RapidSSL reserves the right to make changes to any information herein without further notice.

Contact Support

US Support:

Order Processing

Technical Support

European Support:

Order Processing

Technical Support

SSL digital certificates sales live chat.

Find Answers

Search Tips