There have been a number of changes to the security certificate world lately. Validity periods have shrunk from 3 years to 2 years and now to 1 year. SHA256 has taken over the world. Wildcard certificates have gone from risky to accepted and supported in many scenarios. All this means we are all rekeying and deploying certificate’s a lot more. Just to make it more fun, there are more options involved. So, it is best to make the task as error free and quick as possible.
Changing a Certificate Key Type from Signature to Exchange
Switching a certificate from ‘Signature’ to ‘Exchange’, or the reverse, is fairly easy. Just use the certutil utility.