My SSL certificate expired tonight. I’ve used Digicert certificates for SBSfaq.com for a while now and I’ve got to say I like there customer service.
Normally renewing an SSL certificate can be painful. You’ve got to generate a CSR, upload that to the website of the SSL provider, wait for the returning certificate, then install that on the server, before then assigning it to the correct services within Exchange etc. It’s not hard, just many steps that can be painful.
Last week I got emails from Digicert advising my certificate was about to expire. I did nothing about it.
Then I got a phone call, from a real human reminding me that my certificate was about to expire. I did nothing about it (or should I say, I planned to do something about it and then forgot).
Then yesterday – the day before the certificate expired, I got onto there website, placed the order for the certificate, planned to go to my Exchange 2013 server and generate a new CSR and then forgot again and did nothing about it.
A short time after placing the order, I got an email from Kyle on their support team saying “because you’ve had that issued from us before, we are going to reissue it again” and they attached the new certificate. Nice n simple but still I did nothing about it.
Tonight I’m busy working and I get a warning from Outlook… “Your certificate is no longer valid…” Oh crap… I forgot.
Here we go, I thought, this will take a while.
I dug out the email from yesterday, opened it up, copied the files to my server, then used there Digicert Certificate Utility and with just a few clicks, imported the new certificate into the store. A few more clicks in the Exchange 2013 console and it was assigned correctly. What??? could it be that simple… turns out – yes it was!!!
I checked the certificate and it was fine. My outlook sync’s again, Windows Phone works and the iPad works too… oh yeah – the wife’s iPhone works too – can’t forget that!
Thanks DigiCert – simplicity at it’s best.
Russell Clements says
I’m wondering about this and how it might impact your certificates. Are you using something like .internal or .local for your internal DNS? Will this have any impact on what you’re doing? We’re reviewing our procedures to building domains for clients and recently came across this. I wondered if you might have any feedback on it. Are you going to just using the same name internally and externally?
Any help you might be willing to provide would be appreciated.
Wayne Small says
Hi Russell – I’m using .com certs for external and I’ve configured my internal resources to respond to the external DNS name. Added a DNS zone internally for sbsfaq.com to help of course.