Tsohost Help Centre

Table of Contents

Rekey your SSL Certificate

Updated Jun 18th at 10:53 BST

‘Connection Is Not Private’ on your website:

It’s been brought to our attention that some Apple users have been seeing error messages when accessing websites whose SSL certificates were issued between 21st April and 27th April 2021. If Apple users are accessing your website, you will need to reissue (or ‘rekey’) your certificate to resolve the error message. This process does not require an additional fee. However, you will need to download and reinstall the rekeyed certificate to ensure your server remains secure.

What is happening?

Apple users who have upgraded to the latest version of iOS (14.6) or macOS (11.4) have been seeing a “The Connection Is Not Private” warning when the website with an affected SSL certificate is viewed in a browser. Just to reassure you – there is no security risk to your site, and the connection remains private. The issue is a result of Apple updating their root program requirements. The good news is there’s a simple solution. You can find out how to rekey, download and reinstall your certificate below.

If you are hosted with TSOHOST, please reach out to our support team through your Client Area by raising a ticket with the subject ‘SSL Certificate Rekey’ and we will gladly assist you and re-issue and install your SSL Certificate for you.

If you are hosted elsewhere please check what do you need to do to Rekey your certificate.

1.Go to your tsoHost Client Area: https://my.tsohost.com/clientarea.php

2.Select Services -> My Services -> Select the SSL service in question -> click Login to Control Panel.

3.Select Rekey your certificate

4.In the Certificate Signing Request (CSR) field, paste your new CSR, including ----BEGIN NEW CERTIFICATE REQUEST---- and ----END CERTIFICATE REQUEST----, and then select Add Change

5.Select Submit All Changes.

Your newly re-keyed certificate will become available shortly after submitting the new CSR, and we'll email you when the certificate is available for installation.

Please note: During the rekey process, you may need to verify your certificate request. You’ll get an email from us if this is necessary.

Download your certificate files.

1.Under Download Certificate, select a server type (e.g. Apache, Windows, Nginx)

2.Select Download Zip File. Your certificate will be downloaded.

Install your certificate:

You must install the SSL certificate within 72 hours of issuance to keep your server secure. How you install your certificate depends on the type of server you are using, for example, cPanel, Apache, or Microsoft Exchange Server.

Here are instructions for installing certificates on a few of the most popular options:

cPanel: https://help.tsohost.com/knowledge-base/article/11315

Apache (CentOS): https://help.tsohost.com/knowledge-base/article/11319

Microsoft IIS 7: https://help.tsohost.com/knowledge-base/article/11327

Nginx: https://help.tsohost.com/knowledge-base/article/11317

For everything else, please refer to your server documentation. Once the certificate is installed, customers with macOS 11.4 or iOS 14.6 will not see the warning.

Need help?

We’re always here to help. If you have questions about any of the above, please contact our support.