What are the steps for renewing an existing Secure Socket Layer (SSL) Certificate?

Environment:

Secure Socket Layer, SSL Certificates, Expire, Renewal

Resolution:

The Oracle B2C Service Operations team will create a proactive service request for customer's regarding their SSL Certificate's upcoming expiration. The service request will be created 90 days in advance of the certificate's expiration date. Within the proactive service request will be a CSR and it should be used to renew the certificate. Please make sure you purchase and download your cert in standard x509 PEM format, and use this same format to upload to Oracle. 

• You can renew your certificate using Configuration Assistant Self Service. Refer to Answer ID 7988: Managing SSL Certificates using Configuration Assistant for step by step information on this feature.
   
• If using an uncommon certificate authority, update the proactive service request or submit a new one. Attempting to upload a cert from a minor or independent cert authority will often result in errors within self-service, as our infrastructure does not always have the required root certs in advance. 
   
• The CSR in the proactive service request will have Key Size 2048 bit.  If you require a 4096-bit key size, please update the proactive service request asking technical support to generate a new CSR for you.  Configuration Assistant does not provide an option for key size when generating CSRs.

Most Certificate Authorities (CAs) will allow you to do this up to 90 days in advance without losing any time on the certificate. When purchasing the certificate, please choose Apache or Apache Mod-SSL as the server platform.