Sorry, I am new with this and need some help.
I had SSL certificate issued by positivessl.com. Now, it will expire and I need to renew it.
I don't have the old CSR file (used to generate ssl cert at first), but I have old private key.
So can I generate CSR file using old private key like (is this correct comand):
openssl req -new -key ssl/oldPrivateKey.key -out ssl/newCsr.csr
And then use new CSR file to renew SSL certificate, so I don't need to do any other changes to my apache conf files.
Is this correct way.
I don't want to interrupt connection to my site, so had to ask the question because didn't find good answers anywhere about renewal procedure.
You can not re-use the old CSR - you'll have to create a new one.
Yes, your command is correct! Generate the CSR with your old private key:
openssl req -key old_private_key.key -new -out newCSR.csr
See also:
https://www.sslshopper.com/article-most-common-openssl-commands.html