Can we talk about CA & certs? I've got a 4 server cluster and a BM server (all 6.5). My CA and certs expire in less than 2 years. I want to update (recreate) my CA so I can create a cert for ZCM that won't expire any time soon. Problem is, I've never done this before. I've read tons of TIDs and posts on the forums and I think I'm understanding that it's super simple but I don't want to miss anything. Do I need to do anything other than:

1. Delete CA
2. Delete Certs
3. Create new CA (same name)
3. PKIDIAG on all servers to recreate certs
4. TCKEYGEN on all servers (for tomcat)
5. Recreate the BM proxy cert and associate it with proxy authentication

I read at least one post/tid that indicated possibly deleting the SAS. Do I need to do that? Anything else that I need to delete do? Even if there's a remote chance I've missed something, throw it out there so I can verify it does/doesn't apply in my situation.

Thanks in advance.