On 07/11/11 13:39, Bob Fera wrote:
> Hi everyone,
>
> I'm at a point where I need to renew the certificate for my Surgemail
> server. In the past, I recall that generating a new CSR from the SM
> admin screen removed the running cert and replaced it with a self-signed
> cert, thereby causing my users' mail clients and web browsers to
> complain until I could manually restore the original certificate from
> the command line (and I think restart the server, causing even more
> grief). Is this still the case with the latest production version (5.3h-1)?
>
> Thanks,
>
> Bob
> --
>
> /Bob Fera
> I.T. Manager
> Zenith Information Group
> 18757 Burbank Blvd., Suite 116
> Tarzana, CA 91356
> Phone: 818-206-8634 Ext. 160
> Fax: 818-345-2605/
>
> /Members of NACHA
> The Electronic Payments Association/
>
Unless you need to change the key length, the old CSR will still be 
valid and can be submitted for the new cert.

CSR's don't have an expiration date in them.  But there are new 
requirements that the cert companies won't generate a cert based on a 
1024 bit key any more but require at least a 2048 bit key.

Lyle Giese
LCR Computer Services, Inc.