SSL Certificate

Hi,
A few questions

1. If the company moves premises would I need to get my SSL certificate updated?
2. If we upgrade our server would I need to get my SSL certificate updated?
3. Can I install the same cert on multiple servers in the office?

Thanks
LVL 1
QuarmAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

carlmdCommented:
The SSL certificate is tied to the ip address, which would probably change if you moved. The CA should be willing to reissue the certificate if such is the case, but their could be a fee.

Upgrading the server would not be an issue, as it should preserve the installed certificate.

No, the certificate can only be installed on the server that provided the request.
0
yo_beeDirector of Information TechnologyCommented:
Q: 1. If the company moves premises would I need to get my SSL certificate updated?
A: No, the cert is tied to a CN.  ie.  mail.contoso.com  or www.contoso.com


Q2. If we upgrade our server would I need to get my SSL certificate updated?

A: No, If you are using the same FQDN for the site  you can use the same cert, but you do need to export the cert from the old server with the private key.
https://www.sslshopper.com/move-or-copy-an-ssl-certificate-from-a-windows-server-to-another-windows-server.html

Q3. Can I install the same cert on multiple servers in the office?

A: Not exactly. The short answer is No.  As mentioned in question 1 answer it is tied to a FQDN.  Now if you a round-robin DNS for mail.contoso.com where three servers can host the site then you can apply the cert to all three servers, if they all have different sites being hosted with different FQDN then No. The work around is to purchase a wildcard SSL cert like *.contoso.com.  Then you can apply it to any site that has that domain and it will work.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
yo_beeDirector of Information TechnologyCommented:
In response to carlmd 1st and 3rd responds are both inaccurate.  I am not looking to bash his response, but want the Author to be aware that they are not accurate answers.

Certs are not connected to ip-address at all.  They are tied to a Common Name (CN) as mentioned in my previous reply.

The Cert can be exported for another server that generated the request.
0
carlmdCommented:
Ok, on the first it could be bound to an ip (more common in self signed certificates) or CN, but in either case it should probably be reissued if you move to display correct ownership.

On the third, the question is "Can I install the same cert on multiple servers", while you are correct about obtaining a wildcard cert, otherwise such is in violation of the CA license agreement. So even if you went through the trouble of doing so (duplicating hostnames, etc..), you would still be doing so under the table, which is never a good idea when it comes to security.
0
Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
Some of your answer is going to depend on who issued your certificate.  I use global sign where as stated above it is tied to the domain. You can have the same certificate on multiple servers all tied to the domain https://www.globalsign.com/en/ssl/domain-ssl/features/

> 1. If the company moves premises would I need to get my SSL certificate updated?
Based on above, it is tied to the domain so it does not matter where the physical server is.

> 2. If we upgrade our server would I need to get my SSL certificate updated?
Based on above, you can have as many servers as you want tied to the domain with the same certificate.

> 3. Can I install the same cert on multiple servers in the office?
Based on above, yes

If would suggest to double check with your issuer.  If you are looking to buy a new certificate, double check their FAQ.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSL / HTTPS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.