I had a client reach out to me today with the following issue when he tried to install a new certificate on his CSS 11503 running 8.10.1.06 with CVDM version css-1.0_K9. This is what he wrote to me:
Our certs for our online site are about to expire and unfortunately we are still on the CSS. I’ve been trying to update our DR CSS for most of the morning, but for some reason it simply isn’t ‘taking’ today. I created a CSR from the CSS, uploaded it to Verisign, stacked the response correctly (it displays as a valid cert with a valid path, expiring in 2014), then imported it to the CSS via FTP. It is clearly present with the correct file name and file date. However, no matter what I do, despite what the CSS claims is associated with the SSL proxy, I keep seeing the old cert when I open the site from a browser. I’ve tried suspending all content, services, and proxy lists before changing the association, I’ve tried different names for the association, I’ve tried pretty much everything I can think of short of deleting the old .cer file (I don’t have the DES password), but despite the CSS displaying itself as being associated to the new cer file, when I open the site, it still presents the old cert. This is utterly baffling to me as I’ve never had this issue before. I know I can’t create a TAC case because the CSS is EoL. Any ideas?
I am not familiar with the CSS and since it's EOL, he cannot contact TAC.
Let me know if you need any other information and I will see if I can obtain it.