If I re-key a SSL certificate for a 2nd/backup server, does the original still work?
We have a production server with a wildcard SSL certificate. I'm in the process of creating a backup/failover server that will host the same domains, and therefore will also need the SSL certificate.
The certificate on the primary server was installed with the private key non-exportable, so I am unable to export the certificate for installation on the failover server.
My question then is - if I re-key the certificate from Go Daddy, does the original certificate installed on the primary server cease to be valid?
As an aside, the original (primary) server is IIS 6, the failover is IIS 7 (once the failover is operational, we'll likely upgrade the primary).
Solution 1:
Rekeying a certificate revokes the original. See here for GoDaddy's support page on rekeying, and here for information on certificate revokation lists.
Solution 2:
You should be OK with exporting the certificate from the primary server and importing it to the secondary server. This is what I do with my Exchange servers.
If any one sees a technical or legal issue with this, please let me know.