ZCM 10.3.0a / SLES 10sp2 & 10sp3

We want to demote our current primary/Certificate Authority server (zcm1.domain.com, sles 10.2) and promote another live primary server to take on this role (zcm2.domain.com, sles 10.3). If possible we want to avoid changing the name of the new server to reflect the old certificate name (zcm1.domain.com). In this case, do we need to create a new certificate using zcm2.domain.com? Then, would we need to re-register all managed devices/satellite servers to ensure communication with the new primary/certificate authority server?

Is this the best solution or would you recommend another approach? Basically we are moving the “primary” primary server to our off-site data center which will have a new name and ip address.