Hi

We are executing a project to renew the certificates installed in our XI server. The certificate which is currently installed in our XI severer is signed by Verisign. All partners communicating to the XI server use the certificate to digitally sign the message. In XI server we have configured communication channels to receive process the signed message and also to deliver digitally signed message to partners. The validity of the current certificate installed in our system is going to end by the end of Feb. We are looking at renewing the certificate before the expiry date so that there will not be any interruption in partner communication. In this regard, please provide your inputs to the following items

1. Should the existing CSR be sent to the CA for validity extension or a new CSR to be generated

2. During certificate renewal, can the existing private/public key be retained for the renewed certificate

3. Can we have the old certificate installed in the XI server along with the newly renewed certificate, so that the partners can be gradually migrated

4. Is XI server restart required after certificate installation/upgrade

We have referred the SAP Note 694290 for Verisign certificate renewal

Thanks

Srinivas