a. Go to https://products.geotrust.com/orders/orderinformation/authentication.do
b. Enter the common name, email address of the technical contact for the original certificate, and the image number
c. Click Continue
d. Click Request Access
e. GeoTrust will send a link to the email address submitted during step 2
f. Click on the link in the email
g. Click Reissue Certificate
h. Paste the new Certificate Signing Request (CSR) as prompted
i. Agree to the license agreement and click Submit
GeoTrust will send the new certificate to the technical contact’s email address (i.e. the email address associated with the original order).
Note that GeoTrust immediately revokes the original certificate when you reissue the certificate.
See http://www.symantec.com/connect/blogs/heartbleed-bug-poses-serious-threat-unpatched-servers for Symantec's official recommendation regarding Heartbleed. Symantec owns GeoTrust.