EXCHANGE SSL certificate

Dear all,

We had bought a SSL certificate from go daddy and installed it on our exchange 2007 server.

it is about to expire on oct 12,2013.  we have setup auto renewal of the certificate in go daddy.

Do i need to buy a new certificate and install it or the previous certificate will be good enough provided we pay go daddy to renew the cert for 3 more years?
GlocapAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Nick RhodeIT DirectorCommented:
You would just run the renewal on the exchange server for that will expire also.
0
AmitIT ArchitectCommented:
You need to first create a new CSR, send it to Godaddy, get the cert, remove old cert, import new cert, assign services you are done. Follow steps here

http://blogs.technet.com/b/sjimmie/archive/2010/05/11/renewing-ssl-certificates-on-exchange-server-2007.aspx
0
KwoofCommented:
go daddy support people are usually very good at walking you through the whole process as well as your options.  If you do not already have SAN certificate, you may want to consider that to address the growing needs of SSL and for when you upgrade to 2010/2013.

You will need to go through the process to renew and update the certificate on the server.  It is an easy process.

If your local network domain is xxx.local as many have done in the past, you will also have to address how to handle that, since no CAs will issue .local certs that go past 2015.  go daddy support can explain that in detail as well.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Simon Butler (Sembee)ConsultantCommented:
"get the cert, remove old cert, import new cert"

I don't agree there. You can install the new certificate without removing the old. That way there is no downtime.

So new CSR (you cannot use the old one), put in the GoDaddy system, download replacement, complete the request. Then activate services and remove the old certificate. You will not need to install the interemediate certificate again.

Simon.
0
GlocapAuthor Commented:
is this renewal process seamless or does it affect end users with emails configured on cell phones.
0
Simon Butler (Sembee)ConsultantCommented:
AS long as the same common name is used on the new certificate as the old one, the only downtime is when you run IISRESET for the new certificate to apply. The users don't notice a thing.

Simon.
0
AmitIT ArchitectCommented:
Ya Simon you were right don't need to remove. Thanks for clarifying.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.