Re-enroll
Scenario: a network device periodically switches to/from SSL and non-secure connections. When leaving secure mode it deletes all of its current certs (client, CA, CRL). When it goes back into secure mode it re-enrolls via SCEP to get a new client cert. It doesn't matter to us if the CA returns the original client cert again or returns a new one just as long as it works.
Question: Will ADCS NDES handle this ok? The network device isn't re-enrolling in the traditional sense because the previous client cert didn't expire. If that's a problem would it be possible for the network device to tell ADCS to revoke the original client cert first so that the new SCEP request would succeed? Our new system isn't running so I can't test it for myself yet. We're migrating from a different solution to Server 2008 R2. Thanks in advance for the help.
June 15th, 2012 12:15pm