We have been using an application built on JBoss for which we need an SSL certificate. Through great write-ups online we were able to easily create a key and import a signed cert. We are, however, now at the point where our cert is about to expire, and I'm hoping someone could point me in the right direction for updating our cert.

Should use the same private key, and simply create a new CSR? If so, will it overwrite our old signed, public key when we import the new signed key.

Or, should we create a new private key/CSR? If so, what is required to do it? (Deleting old key, etc).