Am I to deduce correctly that we need to generate hashed names for all the files that we used to identify by 'AG-Dev.crt' and 'userkey.pem'? Should they all be .pem files? It's not obvious so far that the certificate managment extends to managment of existing certs. But perhaps I just haven't stumbled on the proper incantation yet. -randy