Avatar of bgrsyd
bgrsyd
Flag for Australia asked on

How to UPDATE and existing valid UCC SSL certificate on Exchange 2019

I have added an additional SAN (sub domain) to an existing GoDaddy UCC SSL.  Added this to enable the Download Domain security feature in Exchange.

The certificate, without the new SAN, is already installed on an 2019 Exchange Server, everything works just fine.

My question is, 

To install this updated certificate, do I need to generate a new REQ and basically re-key it?  Exchange doesn't seem to allow the import of the updated key without first generating the REQ

Thanks,

Bruce

ExchangeSecurityInstallation

Avatar of undefined
Last Comment
bgrsyd

8/22/2022 - Mon
David Johnson, CD

from godaddy
You cannot upgrade a UCC to include more names. If you are using all of the slots available in your current UCC certificate, and you need to cover another domain, you'll need to purchase a new certificate to add another domain name.
bgrsyd

ASKER
Thanks David, I have not used up all my slots on the GoDaddy SSL, just added a new SAN to an empty one.  All the stuff with the certificate is complete and under control.  The issue is just with getting the update in Exchange, as per my question.
SOLUTION
M A

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
ASKER CERTIFIED SOLUTION
Jeff Glover

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
bgrsyd

ASKER
Thank you all.

That clears it up, I guess it's obvious if the details of the certificate have changed it needs a re-key.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck