Discuss this help topic in SecureBlackbox Forum

Renew the certificate

To renew the existing certificate (i.e., to generate a certificate with the existing key material) using TElX509CertificateEx class use the following sequence of operations:

  1. Load the certificate which you wish to renew into TElX509CertificateEx object. Remember that for a self-signed certificate it's absolutely necessary to load a corresponding private key too (certificates stored in PFX format are usually stored with a corresponding private key).
  2. Set up properties for a new certificate (e.g., validity dates, extensions etc.). It is recommended to keep the serial number, since many applications distinguish certificates by their serial numbers.
  3. Set PreserveKeyMaterial property of TElX509CertificateEx class to True.
  4. Call Generate() method of TElX509CertificateEx class. When PreserveKeyMaterial property is set to True, algorithm and key length parameters of Generate() method are ignored.

Note, that you can renew both self-signed certificates and certificates signed by some other CA. In the latter case, you will need a CA certificate which was used to sign the original certificate, along with CA private key.

Certificate-related How To articles

Discuss this help topic in SecureBlackbox Forum