Existing TLS certificates in Symantec Messaging Gateway (SMG) may be updated with another signed certificate to extend the validity date or to update other aspects of the certificate such as the message digest / hash algorithm used provided that the signed certificate meets the following criteria:
The SMG system date is withing the validity date range of the updated certificate.
The new certificate has the same public key as the installed certificate i.e. it is not a new certificate
The new certificate is in x509 format
To update an existing certificate:
Log into the SMG control center as an administrator
Navigate to Administration->Certificates
Select the certificate file to import
The certificate will be compared with currently installed certificates and their private keys to determine which installed certificate to be updated so the installed certificate to be updated does not need to be selected. The operation will fail if the Control Center cannot match the imported certificate to an existing certificate. In that case the new certificate may have a different key length or public / private key. If the Control Center does not recognize the imported key as matching an existing key the new certificate may be imported using the normal procedure for importing a new certificate / key pair (HOWTO92422).
Once the certificate is updated, the Control Center will automatically update the scanners with the new certificate data.
Imported Document ID: TECH228133
Subscribing will provide email updates when this Article is updated. Login is required.