This post is more than 5 years old
43 Posts
0
165450
July 19th, 2013 06:00
Certificate change
Hi All,
I hope the answer is simple :-)
Our SSL certicate is almost ended and I want to plan to change it for a new one (renewal).
Now I was wondering if I change the certificate is the environment down? for example:
We have 3 SSLGW servers and 2 web servers. If I change at one of these servers the certificate will the environment still work? Or will users get certificate errors?
No Events found!
DELL-David Y
228 Posts
1
July 19th, 2013 07:00
Hello Sander,
When changing the certificate or making any modifications to the Secure Gateway settings you have to restart the service to make the change active. All current connections through the Secure Gateway will be dropped when the service restarts. You will need to either take the Secure Gateway offline, so that there are no user sessions, or plan a maintenance window.
With that said if you are simply replacing the certificate you can import this to the server before hand. When ready just stop the service and select the new certificate before restarting the Secure Gateway service, this can be done in 30 seconds or less.
If you do this before the current certificate expires then you could make the change to one Secure Gateway at a time as both certificates will be valid.
Regards,
David
DELL-David Y
228 Posts
0
July 19th, 2013 12:00
Hi Sander,
One final point I forgot to mention earlier.....
Please ensure that you remove the old certificate from the server after you have successfully transitioned to the new one. Expired certificates can cause problems since they cartificate name will be the same and the system will by default select the older one if still present.
Thanks,
David
sader82
43 Posts
0
July 19th, 2013 12:00
David,
Thank you. I know it was simple, but wanted to be sure about it :-)