Thursday, July 12, 2012

Renew my startssl certificate in 2012



1) I use an SSL certificate for my HTTPS web server: a free Class 1 certificate from StartSSL (http://www.startssl.com/). Each year I have to renew the certificate, i.e. I need to replace the old ssl.key, ssl.crt, ca.pem and sub.class1.server.ca.pem files under my ssl directory with new ones. The notice of expiration in two weeks was received by the webmaster account. Click the link in the email body, which leads to the express renewal lane. You cannot renew earlier than two weeks before expiration.
During renewal, you must be able to access the webmaster account on your web server, or the similar account defined in StartSSL, as StartSSL will send an email to this account to verify that you are the webmaster.
 
This year I have a new computer. When I tried to authenticate at StartSSL, the web page redirected to an error page, and when I tried to register as a new user, the message said my email address already existed.
I had to migrate my certificate from my previous XP computer to the new Windows 7 one. In Firefox:
Select "Tools" -> "Options", then select "Advanced" -> "Encryption" -> "View Certificates", choose the "Your Certificates" tab and locate your client certificate in the list. The certificate will be listed under StartCom. Select the certificate and click on "Backup", choose a name for this backup file, provide a password (68) and save it at a known location. I saved the file as startssl.p12.


To restore the certificate on another computer, in Firefox:
Select "Tools" -> "Options", then select "Advanced" -> "Encryption" -> "View Certificates", choose the "Your Certificates" tab, click "Import" and select your .p12 certificate file.

Now I start to renew my StartSSL certificate:
2) StartSSL automatically provides the express lane.

Under message
  • If you created your own private key and certificate request (CSR), please skip this step.
  • Provide a password for your private key. (At least 10 characters, max. 32)
  • Allowed are only letters and numbers, without spaces!
  • Write your password down somewhere securely.
  • Note that SHA2 hash algorithm may be not supported on older systems (Windows XP, Windows 2003).
Create your own password.
Save Private Key
  • Copy and paste the content from the textbox below into a file and save it as ssl.key.
  • Make sure, that you do not alter the content and you did not add any spaces! Save it in ASCII format (plain text).
  • Allowed are only letters and numbers, without spaces!
  • Decrypt the private key with the OpenSSL utility: openssl rsa -in ssl.key -out ssl.key or use the utility from the Tool Box.
Ready Processing Certificate
  • We have gathered enough information in order to sign your certificate now.
  • The common name of this certificate will be set to www.cesei.org.
  • The certificate will have the following host names supported:
    1. cesei.org
    2. www.cesei.org
    3. www.cesei.org
  • Please click on Continue in order to process the certificate.
Save Certificate
  • In the textbox below is your PEM encoded certificate.
  • Copy and paste the content into a file and save it as ssl.crt.
  • Make sure, that you do not alter the content and you did not add any spaces! Save it in ASCII format (plain text).
3) Run the following command:
openssl rsa -in ssl.key -out ssl.key
Or click Decrypt Private Key in the Tool Box, which is identical to the above command:
paste in the ssl.key content from above and the password from step 2,
generate the RSA private key and copy it to a file named ssl.key (rename the old ssl.key first).

4) Click StartCom Root CA (PEM encoded) under StartCom CA Certificates (left menu) and save it as ca.pem;
click Class 1 Intermediate Server CA under StartCom CA Certificates (left menu) and save it as sub.class1.server.ca.pem.

5) Install your ssl.key, ssl.crt, ca.pem and sub.class1.server.ca.pem in your web server's ssl directory and restart your web server.

6) To check the SSL setup on your web server, go to SSL checker and enter your https website, or left click in your browser on your https website, click "More Information" and view the certificate.
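
Before the restart in step 5, the four files can also be checked against each other locally. The script below is an added example, not part of the original post; it assumes OpenSSL 1.1.0 or later on a Unix-like shell and a policy that ssl.key is readable only by its owner, and check_ssl_dir is a name made up for this example.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes OpenSSL 1.1.0 or later.
# Usage: sh check_ssl_dir.sh /path/to/ssl [min_days_left]
check_ssl_dir() {
    dir=$1; days=${2:-14}; rc=0
    key=$dir/ssl.key; crt=$dir/ssl.crt
    root=$dir/ca.pem; sub=$dir/sub.class1.server.ca.pem

    for f in "$key" "$crt" "$root" "$sub"; do
        [ -s "$f" ] || { echo "FAIL: missing or empty $f"; return 2; }
    done

    # Step 3 should have removed the passphrase; an encrypted key makes the
    # web server prompt for it (or fail) on restart.
    if grep -q ENCRYPTED "$key"; then
        echo "FAIL: ssl.key is still passphrase-protected"; rc=1
    fi

    # A decrypted key is usable by anyone who can read the file.
    mode=$(stat -c %a "$key" 2>/dev/null || stat -f %Lp "$key")
    case $mode in
        600|400) ;;
        *) echo "FAIL: ssl.key mode is $mode, want 600 or 400"; rc=1 ;;
    esac

    # The certificate must carry the public half of ssl.key.
    kpub=$(openssl pkey -in "$key" -passin pass: -pubout 2>/dev/null)
    cpub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null)
    if [ -z "$kpub" ] || [ "$kpub" != "$cpub" ]; then
        echo "FAIL: ssl.key does not match ssl.crt"; rc=1
    fi

    # ssl.crt -> sub.class1.server.ca.pem -> ca.pem must verify as a chain.
    openssl verify -CAfile "$root" -untrusted "$sub" "$crt" >/dev/null 2>&1 ||
        { echo "FAIL: ssl.crt does not chain to ca.pem"; rc=1; }

    # Catches installing the old, nearly expired certificate by mistake.
    openssl x509 -in "$crt" -noout -checkend $((days * 86400)) >/dev/null 2>&1 ||
        { echo "FAIL: ssl.crt expires within $days days"; rc=1; }

    [ "$rc" -eq 0 ] && echo "OK: key, certificate and chain are consistent"
    return "$rc"
}

if [ "$#" -gt 0 ]; then check_ssl_dir "$@"; fi
```

The function returns 0 when every check passes, 1 when any check fails and 2 when one of the four files is missing.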
