Hello All, We are deploying non-exportable Client Authentication certificates to our users for remote access. One use case we still need to address is the situation where a user is remote and didn't receive their certificate for some reason. What I'd like to do is provide a second certificate template for the Help Desk that is exportable, but has an extremely short validity period (such as 1 hour). The Help Desk would wrap the cert in a password-protected PFX, deliver it to the customer with instructions for importing it, and then, as soon as the customer is on the network, instruct them to install the package which deploys them a "real" cert. That's more information than you really need. My question is around setting the validity period in the certificate template. Using the certtmpl.msc GUI doesn't allow me to set a validity period on a template shorter than 2 days. I'm wondering if anyone has encountered something like this before, and if they've found a backdoor for setting a shorter validity period than that. If it's not possible, can anyone explain why there is a technical limitation which disallows a cert from being valid for less than 2 days?

I have tried and was able to set 1 hour for certificate validity period.http://www.sysadmins.lv

How did you do it? Through the cert template GUI? I don't even see "Hours" as a selectable time unit...

Through Certificate Templates MMC snap-in on my Windows 7 box (with RSAT).http://www.sysadmins.lv

Hi all, I'm too interested about this issue. I cant to change the minimum time (in my case two days) . Anybody knows how to repare this issue? Thanks in advance.