locked
OCS Edge Server Certificate replacement - will it cause clients to disconnect if not rebooted straight away? RRS feed

  • Question

  • Hi all,

    I'm looking to replace an Access Edge certificate with a renewal of existing, I wonder if the "services may require a restart" warning message could mean that clients might have connectivity issues after applying the new cert? I've done a test before with a cert replacement and not had a problem, but another OCS engineer said he'd had problems with clients connecting and reboot required after cert applied.

    I'm looking to apply fri, reboot early mon - anyone else had problems or not with this type of task?
    Friday, November 13, 2009 9:17 AM

Answers

  • Hi,

    I've done this a couple of times because we had to add SANs to the public certificate.
    As long as you do not restart the services, the new certificate is not used yet and no disruption of connectivity occurs when you replace the cert. You do need to restart the services and that will cause a short downtime.

    Wkr,

    Jeroen
    Microsoft minded UC specialist - http://www.reijling.nl
    Thursday, November 19, 2009 10:16 AM

All replies

  • Ran the cert change, no issues with Communicator for over 2 hours.
    Friday, November 13, 2009 1:53 PM
  • Hi
    Do you issued the CERT to the Access Edge Server use the CA server which built in your own domain or use the third party?
    If you use your own CA server, and use the client which joined into the domain, or use a client which have installed the Root Cert, the clients might have no connectivity issues after you changed the Cert.
    If you use the third party Cert, and use a client to entrance to the Access Edge Server, i think the client will has a connecting issue.

    If i misunderstand your issue, please tell me.
    Regards!
    Thursday, November 19, 2009 3:35 AM
    Moderator
  • Hi,

    I've done this a couple of times because we had to add SANs to the public certificate.
    As long as you do not restart the services, the new certificate is not used yet and no disruption of connectivity occurs when you replace the cert. You do need to restart the services and that will cause a short downtime.

    Wkr,

    Jeroen
    Microsoft minded UC specialist - http://www.reijling.nl
    Thursday, November 19, 2009 10:16 AM
  • Spot on, I had no down time or client connection issues with cert being installed on fri. Auto reboot on monday morning and clients still happy...

    Worked perfectly.
    Thursday, November 19, 2009 3:22 PM