> Yep, and give the new ones a slightly different "full" > distinguished name (important for CRL and "ca" database). > My approach is to include the year-month as an extra OU e.g. > >? CN=foo.example.private,OU=isonetwork,OU=2016-03,O=YourCompany Inc,L=YourTown,C=XX Ooh, that's neat advice! -- Senior Architect, Akamai Technologies IM: richsalz at jabber.at Twitter: RichSalz
