Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Default Certificate upgrade due to company name change  RSS feed

 
Norman Meister
Ranch Hand
Posts: 52
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

I am seeking some clarification on the web certificates (ssl handshake) topic.

We have an application, which has interfaces with lots of external system (web services over https, https, sftp, smtp, etc.).

Our application is locally maintaining a repository of certificates that we need to use in order to connect to all these external systems.

In the very near future, there are some structural changes going to be made within our company, due to which the name of the company is going to be changed. The infrastructure (servers would stay the same).

My first question is how would the above change affect our application in the context of external systems' certificates which are consumed by our application? Are we going to get new certificates for these external systems?
My understanding from a technical point of view is that our application does not need any new certificates. The existing certificates would still work. Could there be any legal constraints in using the old certificates?

Slightly different dimension is that in one of other applications, we are receiving encrypted emails. The sender of the email has provided us with a certificate (.pfx), which we have imported in the keystore. We this certificate to decrypt the email. So my question is given the structural change in the company/name, do we need to request for a new certificate for our new company or we can still use the same old certificate?
Again my understanding from a technical point of view is that our application does not need any new certificates. The existing certificates would still work. Could there be any legal constraints in using the old certificates?

Lastly, when our application (accessible over https) is being exposed to some external system, do we need to provide the external system with our new certificate or do we really need to change the certificate in this situation.

So in short, my questions are in the context of certificate changes when our applications are being exposed to or consumed by other systems.

thanks.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!