Key rollover options
When you request a key rollover, select one of the following options in the Request key rollover field.
Option | Description |
---|---|
Replace compromised key | Use this option to replace a key and revoke its certificates when
a key is compromised. This action revokes all current valid
certificates and any expired certificates found in the Archive view.
The only difference from Request new key & revoke existing certificate is that the reason code in the ACME request revoking the certificate is "Compromised key." |
Request new key | Use this option to request a new key, for example, to change key strength or key type. This action creates a new key and certificates and moves the original certificates to the Archive view. |
Request new key & revoke existing certificate | Use this option to replace a key and revoke its certificates when
a key is not compromised. This action revokes all current valid
certificates and any expired certificates found in the Archive view.
The only difference from Replace compromised key is that the reason code in the ACME request revoking the certificate is "Superceded." |