Greetings from sweltering Ohio....

We have been running Clean Access for about a year, and it's now time 
to renew our SSL certificates on the CAS pair for the first time 
(they expire in 3 weeks).

The CAS administration guide has lots of information in chapter 12 
about doing the INITIAL certificate request and import, but it's not 
clear to me how to do a RENEWAL.  We use Thawte, and when we 
generated and sent a new CSR, they replied that it had already been 
used, and we needed to generate a new one.  Something about Tomcat 
being different than regular Apache and therefore not really renewable?

Do I need to generate a new temporary certificate before the 
CSR?  Won't that break CCA for current users?

Thanks, in advance, for any clues about the certificate 
renewal/replacement process.

Kurt

P.S.  We just upgraded smoothly from 3.5.8 to 4.0.2 on our HA-paired 
CAM and CAS.  No show-stopping failures.  Yet.

P.P.S.  Sorry for the accidental cross-posting to RESNET-L.  Meant to 
send it here!


Kurt Huenemann
Heidelberg College
Tiffin, Ohio
Office: 419-448-2351
Fax:    419-448-2176
Email:  [log in to unmask]