Please pardon the rather long post from a ZCM newbie,
but I have tried to understand what I should do with certificates
by looking at the various threads in this forum, and
still do not understand what I should do.

I did a basic install of the 10.0.1 software using an external
certificate from GlobalSign. After I installed the certificate
I saw that:

1) The certificate is only valid for one year.
2) I must have chosen the wrong option for the certificate
authority anyhow, because the ZCC browser complains about
the certificate being untrusted.

So now I have some questions:

1) Can I change the ZCM's certificate configuration on the server
to point to the proper CA chain without reinstalling?

2) What would I have to do to the clients and server(s) after the
one-year certificate expires?

3) Is it true that I have to un-install and re-install the software,
if I want to switch to an internal certificate?

4) What do I loose by using an internal certificate instead of
a trusted external certificate?

and, finally,

5) Is it definite that the internal certificates are now issued
(in 10.0.1) for 10 years as hinted at previously in this list?

Steve Druck
Weizmann Institute of Science