+1, Make sure you disable those weak crypto's too :)
Z Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization [email protected]<mailto:[email protected]> Work:401-255-2497 This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. [Description: Description: Lifespan] From: [email protected] [mailto:[email protected]] On Behalf Of Damien Solodow Sent: Friday, September 20, 2013 3:38 PM To: [email protected] Subject: [NTSysADM] RE: And now, my SSL ignorance.... It's actually easier than you think. :) 1) Install cert (either via IIS or Certificates MMC) 2) Wait for outage; change bindings 3) Pat self on back DAMIEN SOLODOW Systems Engineer 317.447.6033 (office) 317.447.6014 (fax) HARRISON COLLEGE From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of David Lum Sent: Friday, September 20, 2013 3:34 PM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] And now, my SSL ignorance.... I have an IIS server that currently has a wildcard cert that expires in a few weeks. Due to licensing costs I am to replace this cert with a single web server cert, but am I correct in that I can install SSL certs at any time and the only time they take effect is when you change the SSL binding? * Install cert via IIS * Wait for appropriate service outage to flip certs then bind 443 to the new cert * Reset IIS Amirite? David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229
<<inline: image001.jpg>>
