Replace old SSL certificate in IIS6

Solution 1:

I've tried to do the renewal-based-on-existing-cert thing before, and it's always resulted in a bit of a mess (it's been with Verisign in my case, but I can't imagine Thawte's process works much better, although I'm fully prepared to blame my own SSL ignorance at the time). Anyway, the way round this that we worked out is to:

  • Create a temporary site in IIS. Call it "SSL renewal" or something - it's never going to see the Internet, so it doesn't really matter.
  • Generate a CSR for the new site, using EXACTLY the same parameters as you did for your real site's cert; site name, org. info, key length, everything.
  • Go through Thawte's renewal process, supplying the shiny new CSR that you generated.
  • When you get the signed response back, process and install it on the temp. site. The certificate is now in the local computer account's cert store, so it can be seen by IIS - see where we're going with this?
  • Now that the new cert's installed, go into the real site's SSL properties and select "replace the current certificate". In the list of certificates to use, you should see your new one. Select it, and you're done. Feel free to delete the old one afterwards, and don't forget to back up your certificate and private key!

Solution 2:

This KB on the Comodo website describes how to do it:

Basically you'll be re-creating your site in IIS and generating a request from that one. Then you delete it and replace the cert on your current site.
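
Both answers end with picking the new certificate from the local computer account's store, so it helps to confirm beforehand that the store holds what you expect. The following check is an added example, not part of either answer: it lists the certificates for the site's common name and compares the newest against the oldest. It assumes PowerShell is installed on the server, RSA keys, and a placeholder common name `www.example.com`.

```powershell
# Added example. Assumption: placeholder CN; set it to your real site's common name.
$commonName = 'www.example.com'

function Get-SiteCertCandidates {
    param([string]$CommonName)
    # Cert:\LocalMachine\My is the local computer account's Personal store,
    # which is the store IIS lists certificates from.
    $pattern = '(^|,\s*)CN=' + [regex]::Escape($CommonName) + '(,|$)'
    Get-ChildItem Cert:\LocalMachine\My |
        Where-Object { $_.Subject -match $pattern } |
        Sort-Object NotAfter |
        Select-Object Thumbprint, Subject, NotBefore, NotAfter, HasPrivateKey,
            @{ Name = 'KeySize'; Expression = { $_.PublicKey.Key.KeySize } }
}

$certs = @(Get-SiteCertCandidates -CommonName $commonName)
$certs | Format-List

if ($certs.Count -lt 2) {
    Write-Warning "Expected the old and the new certificate, found $($certs.Count)."
} else {
    $old = $certs[0]    # earliest expiry: the certificate being replaced
    $new = $certs[-1]   # latest expiry: the renewed certificate

    # A certificate without a private key cannot be bound to the site. This
    # happens when the signed response is installed on a machine (or site)
    # other than the one that generated the CSR.
    if (-not $new.HasPrivateKey) {
        Write-Warning "New certificate $($new.Thumbprint) has no private key."
    }
    # The CSR was meant to repeat the original parameters exactly.
    if ($new.Subject -ne $old.Subject) {
        Write-Warning "Subject differs: '$($old.Subject)' vs '$($new.Subject)'."
    }
    if ($new.KeySize -ne $old.KeySize) {
        Write-Warning "Key length differs: $($old.KeySize) vs $($new.KeySize) bits."
    }
    "Select thumbprint $($new.Thumbprint) (expires $($new.NotAfter)) in IIS."
}
```

The thumbprint printed on the last line is what to look for when choosing among similarly named entries in the certificate list, and again when deleting the old certificate afterwards.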