Another certificate question dealing with self-signed which only needs to be updated

First thank you all for your assistance with the certificate issue we were facing with android customers and zimbra desktop. Talking with Geotrust we got the right combination of certs to resolve our issue. Matt, your answer was seen after I finished talking with Geotrust but it was spot on. If anyone needs the links to the certs for this situation I'll be glad to post them to this listserve............

My question which zimbra support hasn't given me really a concrete answer on.......

Multi-server installation. Combination of commercial and self-signed on our system. Self-sign cert on our zimbra ldap server is about to expire. I am planning on following the directions for creating a single-node sign certificate from http://wiki.zimbra.com/wiki/Administration_Console_and_CLI_Certificate_Tools My question is..............As it already is self-signed do I actually have to create a new CA? Or just do the part dealing with the crt.

As these answers are not spelled out as they seem to presume you are just starting off versus updating a self-signed certificate I want to make sure that I have this documented for future admins that may follow me.

Zimbra support says I can just do zmcertmgr createca with the "-new". But I would like to know why not skip that and just do the crt and be done leaving the CA alone. Can anyone explain why I must create and deploy a CA again?

Thank you!

Steve