Changing SSL certificates

Berhanie · 03-13-2007, 12:34 AM

Hello.

The company I'm working for is using a commercial certificate for one of its web sites. This is to avoid the warnings associated with self-signed certificates. That certificate is about to expire, and we'll be purchasing a new one, but from a different source this time. The question is, will a client browser which has previously viewed the site (and made use of the old certificate) pop up a warning upon encountering the new certificate? I.e. does this sort of caching occur?

Jaqui · 03-16-2007, 02:56 PM

Nope, no warning, if the client browser recognizes the Certificate authority.
yup, certificates are cached, for the session that the browser is running when it hits the site.

The only times anyone will get a warning box:
1) unknown Certificate authority.
2) expired certificate.
3) domain name mismatch.

Berhanie · 03-17-2007, 12:15 AM

Thank you. If the certificate is cached only for the session, then it's not a problem. I was on the phone with the CA people, and was told no warnings should appear.