This content has been marked as final. Show 3 replies
Should the client have gotten its certificate re-signed with the new intemediary certificate?Yes.
Thanks. Can you point me to an RFC or other documentation that explains what has to be done (or redone) when different certificates in a chain get renewed?
You would need to look at the X.509 documentation. What you have done is break the certificate chain, so the client certificate no longer has a valid signing certificate.