Replaced SSL cert that expires at end of week, but browsers have old one cached?
I have a TLS cert that's due to expire on Saturday. I had a new cert created (CertNew.cer). On my client's intranet site's IIS server, (just a single front end, no lb, on-prem), I modified the site bindings to use the new cert. When I checked the site in the browser, the site came up fine, but when I checked the cert's General and Details I saw it was the old one (CertOld.cer).
I tried multiple iisresets and a reboot, nothing changed from the browser. I didn't run into this issue in other environments, though those certs had expired and the intranet sites were throwing errors before being replaced.
What's the preferred method? Anything I can do on the server side, or does this require a GPO to remove/replace a specific browser-cached cert? Something else?
Thanks!