3rd part SSL renewal for OWA
My Verisign SSL certificate, (for OWA), is expiring on my CAS servers, and I am in the process of generating the new CSR. I have 2 CAS servers using NLB and the same cert is installed for IIS on both servers.
My question is: Should I a completely NEW csr, using the new-exchangecertificate -generaterequest comandlet, or should i call out the old cert first?
New-ExchangeCertificate -GenerateRequest
or
Get-ExchangeCertificate -Thumbprint xxxxxxxxxxxxxxxxxxxxxxx |New-ExchangeCertificate -GenerateRequest
Is there any benefit in referencing the old certificate?
The options I see at the verisign site are "renew" or "Replace".
Thanks
Nova
January 31st, 2011 6:34pm
You should ask this to Verisign support if they can renew the same cert ideally it should be new cert for your CAS servers.
Install new cert and enable required services for new cert. Best Rgds, Ashish | Unified Comunication | MCTS | MCITP | Please remember to select option "Propose As Answer" if solution work for you | My posts hold no assurances, no promises, and they measured no rights.
Free Windows Admin Tool Kit Click here and download it now
January 31st, 2011 10:31pm
Thank you Ashish. That is what i will do. I just wanted to be sure there was not a downside to using a new cert, since when I re-gen the self signed certs for internal use, I start with the thumbprint of the existing cert.
Thanks again.
Brent
February 1st, 2011 11:32am