Security Certificates - I may have goofed when updating


My VPS just celebrated its first birthday. Instead of presents, it received an expired security certificate. When I revisited StartSSL, I may have goofed when updating and am not sure how to proceed.

The mistake I made was that I did not use a private key from my server to create the new certificates. Instead, I entered a ‘password’. (This is what happens when you do something only once a year without having taken notes from the previous year…)

So, my problem is this: I believe that the server needs both the key and the certificates to function properly, but I have no idea how to create the key from the password. Some on-line searching seems to suggest that the key cannot be obtained from StartSSL for security reasons.

Under VirtualMin -> Server Configuration -> Manage SSL Certificate -> Update Certificate and Key, I do see a box labeled ‘Private key password’. Do I delete the existing key file and simply put the password used to generate the certificates in this field?

Thank you.


Well, the SSL private key only exists on your server. Are you saying it was deleted at some point?

Each time you generate a new CSR, it should generate a new SSL private key.

When you renewed your SSL certificate, did you have to send in a new CSR?

If you’re saying your key is no longer working, most SSL providers allow you to re-create your SSL certificate.

Also, if you happen to have a backup of it, you could always pull it out of your backup.



My mistake was really quite simple: On the StartSSL site, there is a form into which I should have copied my key. Instead, I entered a ‘password’, i.e., the StartSSL system created a key (but they do not provide a copy of it). I have just sent them a query asking how to resolve the problem - hopefully, it will be as easy as simply starting over.