I have created my Root CA, it is set to expire in 20 years on my stand-a-lone CS, Windows 2008 Enterprise R2 SP1. I have sent a request over from my Issuing CS, also running Windows 2008 R2 SP1. The Root CA signs the certificate, and I export it to a file. However, when I open the Cert information is says it will expire in a year. I don't want my signed certificate to expire for many years, but am not sure where to change that? I have not imported this cert into my issuing CA or have I assigned it to my root ca yet.

You need to adjust the validity period of issued certificates om your Root CA, using the commands below will give you 10 years for all issued certificates certutil.exe -setreg ca\ValidityPeriodUnits 10 certutil.exe -setreg ca\ValidityPeriod "Years" /Hasain

note that you must restart certificate services after setting change.My weblog: http://en-us.sysadmins.lv PowerShell PKI Module: http://pspki.codeplex.com Windows PKI reference: on TechNet wiki