Currently we have installed a Single Domain digital certificate (related to domain (vpn1.company.com.hk) on our VPN gateway at Site A and it is in operational working fine. VPN client will be connecting to it thru the domain name (i.e. vpn1.company.com.hk). Moving forward, we are going to install VPN gateways on our resilience site (Or Site B). The domain name for site B will be a bit different (e.g. vpn2.company.com.hk). We are thinking using a wildcard certificate or SAN certificate to cover both Site A & Site B. Our question is what is the suggested migration methods.
Q1. Shall we apply for the Wildcard/SAN Certificate (for both vpn1.company.com.hk & vpn2.company.com.hk) then replacing the existing single domain cert on Site A and install it on Site B ?
Q2. If we do so as described on Q1, does it mean the original single domain certificate (i.e. for vpn1.company.com.hk only) becomes automatically revoked or useless ?
We are a bit new on these subject and appreciate would anyone shed some lights on this.
Thank you so much