There have been a number of changes to the security certificate world lately. Validity periods have shrunk from 5 years to 3 years and now to 2 years. SHA256 has taken over the world. Wildcard certificates have gone from risky to accepted and supported in many scenarios. All this means we are all rekeying and deploying certificate’s a lot more. Just to make it more fun, there are more options involved. So, it is best to make the task as error free and quick as possible.
Switching a certificate from ‘Signature’ to ‘Exchange’, or the reverse, is fairly easy. Just use the certutil utility.