SendMail 8.13.8 | CentOS 5.x

Hi Guys,

I'm using ca-signed TLS certificates on my sendmail server and they are up for renewal soon. Our new CA doesn't like our old CSR so I need to generate a new CSR.

Can someone point me to the procedure for doing this (without affecting the production certs that are already in use)? I'm paranoid of overwriting the old TLS certs in the process of generating a CSR.

Most of the instructions I've found are for implementing self-signed TLS certs -- which isn't an option for me at this time.

I'm thinking it would something like:

openssl req -new -nodes -out new-tls.csr -keyout new-tls-private.key 

But I wasn't sure if I was missing some options there such as the -x509 option...

-M