I should add - I updated the mail server certificate (self-signed and used for TLS), but I did *not* yet update the website certificate, since I have to get that from the CA. Looking into that.
well, that took a while. The SSL certificate folks are really busy, as you might imagine. Anyway, as of now the website has a new certificate. Now's a good time to change your password.
Would you please confirm that they have issued the new certificate with almost the same attributes (including issue and expiry dates) except serial and thumbprints? And the new certificate has thumbprint 0a fe 51 3e 85 fc 94 b4 ae 26 40 65 45 93 6f 4e 49 5e f9 ee ?