sabato 31 marzo 2012 04:25
Hi All, I have a POC lab which have Exchange 2010 SP2 (multiserver roles) installed. I am using a 30 day trial SSL certificate from RapidSSL which will expire soon. That certificate only allows to have one CN (mail.mycompany.com). My query is:
1. I am planning to renew the existing exchange certificate but not with RapidSSL. Is it possible to renew an existing certificate obtained from one public CA with another CA meaning I generate the CSR by renewing the existing certificate from Exchange EMC and sending that CSR to another CA from whom I am interested to buy the SSL now?
2. If the answer is "no", the option is to create a new CSR using the same old CN and send it to the new CA for processing. Please correct me if I am wrong. I have not tested yet, but I am not sure if I can use the same old CN/SANs with another public CA (as those CN is alreday issued by RapidSSL)
Tutte le risposte
sabato 31 marzo 2012 09:16
1. You should generate a new CSR with the alternate names you need for Exchange e.g. autodiscover
2. You can have different certificates from different CAs that refer to the same domain names.
- Contrassegnato come risposta Zi FengMicrosoft Contingent Staff, Moderator lunedì 9 aprile 2012 01:34
domenica 1 aprile 2012 02:00
Thanks. So, I can have the same CN (mail.mycompany.com,autodiscover.mycompany.com etc) in my new CSR even if I was having the same names with my earlier CA.