Connect to your Webserver
SSH into your webserver and use the su command to login with root priviliges.
Generate the CSR
Cd /etc/httpd/ssl
Mkdir (current year) without the parenthesis.
“openssl req -new -newkey rsa:2048 -nodes -keyout /etc/httpd/ssl/2015/keyname.key -out /etc/httpd/ssl/2015/csrname.csr” without the quotes, changing the year to the folder you just created.
Go to the webhost (godaddy) and renew the ssl certificate. It will ask for the CSR.
In the terminal window of your webserver type: vi /etc/httpd/ssl/2015/csrname.csr
Copy the text and paste it into Godaddy’s textbox.
Installing the new certificates:
Once validation is completed, copy the CRT files to the webserver using Filezilla.
If you copied the files to your home directory, do the following in your ssh terminal:
mv /home/username/{crtname.crt, gd_bundle.crt} /etc/httpd/ssl/2015/
Edit the SSL configuration file:
In the webserver terminal type: vi /etc/httpd/conf.d/ssl.conf
Navigate to the lines that have the old year for the crtname.crt, the keyname.key, and the ca_bundle and change it to the current year. Press the letter s to enter insert mode (it will delete the character your cursor is currently on). When finished, press esc then the : then the letter w and then q and then press enter.
Add permission to selinux:
chcon –reference=/etc/httpd/ssl/2014/ca_bundle /etc/httpd/ssl/2015/gd_bundle.crt
chcon –reference=/etc/httpd/ssl/2014/ca_bundle /etc/httpd/ssl/2015/crtname.crt
Restart apache:
service httpd restart
massifit 