Follow carefully these steps in preparation for a new certificate request and installation
- Remove your old certificate from your browser. Most of the new certification authorities (CAs) install the new certificate directly in the browser from which you do the request;
- On the computer(s) you use to do 'alien-token-init from:
- Remove the .pem files from $HOME/.globus. You will need to create new set with from your new certificate;
- Remove /tmp/x509up_* - these are temporaty proxy certificates created from the .pem keypair and may interfere with the new certificate.
3. To create a new .pem keypair once you have your new certificate, follow the instructions published here