done … here's what i did …
renewed cert at godaddy (had to call in). renewed using original csr (cert request) so i didn't have to regenerate the cert key and info. installed on auth.wirelesstoronto.ca, /etc/apache2 …
moved old cert to /etc/apache2/ssl/expired-20070408, dropped new cert and new intermediate bundle into /etc/apache2/ssl
gathered up new cert installation instructions (no longer .txt, now .html with css, images subdir), dropped down as /etc/apache2/CertificateInstallationInstructions_GoDaddy.tar.gz
backed up old config file /etc/apache2/sites-available/wifidog-ssl to wifidog-ssl-expired-20070408.
edited wifidog-ssl to put the new gd_intermediate_bundle.crt (replacing sf_issuing.crt).
stopped apache /etc/init.d/apache2 stop started apache /etc/init.d/apache2 start (looked for OK)
pointed browser to https://auth.wirelesstoronto.ca
viewed page info, clicked on security tab, clicked on view button, verified that certificate expires on 2009/04/08.