Your certificate its of midtier ?
Are you using IIS ?
It is client certificate on Remedy servers and we are using Tomcat.
The method I tend to use is to import the new cert into a new keystore and then just stop Tomcat and replace prev one. Also of course update the password in the Tomcat config with the new one. I find it to be a good practice to change password when creating a new keystore but I guess if you keep the old one you only need to replace the keystore it self and reboot.
Tomcat is on a different server. The one that I'm asking is on Remedy app server.