"Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
news:uwDb5zWfFHA.484@TK2MSFTNGP14.phx.gbl...
> "Rob R. Ainscough" <robains@pacbell.net> wrote in message
> news:uOsQi5PfFHA.1480@TK2MSFTNGP10.phx.gbl...
>> If I purchase an SSL certificate and install it on my web server, how is
>> it validated? Anytime anyone communicates with my web server does the
>> SSL go out to site that issued the SSL certificate to validate it? Or is
>> this just a one time deal?
>
> This behaviour depends largely on the client application. Most browsers
> will check the CRLs (certificate revocation lists) along the issuer chain
> of a web site certificate only once per browser launch, not for each page
> visited within a site.
>
>
>> Also, can certificates be "updated" when a server is moved or it's IP is
>> changed (and/or domain name)?
>
> There is generally no need to make any changes to a certificate when a
> server is physically moved or when its IP address changes. However, web
> server SSL certificates are mapped to the server host name, so a name
> alteration would require a certificate change (even if the IP address
> doesn't change).
>

"Rob R. Ainscough" <robains@pacbell.net> wrote in message
news:uOsQi5PfFHA.1480@TK2MSFTNGP10.phx.gbl...
> If I purchase an SSL certificate and install it on my web server, how is
> it validated? Anytime anyone communicates with my web server does the SSL
> go out to site that issued the SSL certificate to validate it? Or is this
> just a one time deal?

> Also, can certificates be "updated" when a server is moved or it's IP is
> changed (and/or domain name)?

"Rob R. Ainscough" <robains@pacbell.net> wrote in message
news:OLnD%23qXfFHA.2424@TK2MSFTNGP09.phx.gbl...
> Hi Nicole,
>
> So it the issuer chain goes down, then no validation?
>
> Rob.
>
> "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
> news:uwDb5zWfFHA.484@TK2MSFTNGP14.phx.gbl...
>> "Rob R. Ainscough" <robains@pacbell.net> wrote in message
>> news:uOsQi5PfFHA.1480@TK2MSFTNGP10.phx.gbl...
>>> If I purchase an SSL certificate and install it on my web server, how is
>>> it validated? Anytime anyone communicates with my web server does the
>>> SSL go out to site that issued the SSL certificate to validate it? Or
>>> is this just a one time deal?
>>
>> This behaviour depends largely on the client application. Most browsers
>> will check the CRLs (certificate revocation lists) along the issuer chain
>> of a web site certificate only once per browser launch, not for each page
>> visited within a site.
>>
>>
>>> Also, can certificates be "updated" when a server is moved or it's IP is
>>> changed (and/or domain name)?
>>
>> There is generally no need to make any changes to a certificate when a
>> server is physically moved or when its IP address changes. However, web
>> server SSL certificates are mapped to the server host name, so a name
>> alteration would require a certificate change (even if the IP address
>> doesn't change).
>>
>
>