I am trying to understand the behavior of autorenewal of computer certificate. The "computer" certificate based on V1 template is distributed to domain computers via ACR (automatic certificate request) in a GPO. Upon observation, computer gets this certificate installed when it joins the domain. According to documentations, the computer certificate distributed via ACR should be able to renew automatically. However, I noticed that on quite many machines this certificate had expired - some expired over a year. My questions are: 1. when a machine hits renew interval (< 6 weeks) does the renew automatically occur, or it needs a machine reboot to get the certificate renewed? 2. if the renewal needs a reboot and a machine does not get a chance to reboot untill this certificate expired, will a reboot at this point of time gets the certificate renewed, or gets a new certificte, or nothing happens? 3. What else can cause this computer certificate not renewed automatically? Thanks.

Hi, Please refer the following related articles: Default Certificate Templates http://technet.microsoft.com/en-us/library/cc755033.aspx Certificate Template Versions http://technet.microsoft.com/en-us/library/cc725838.aspx Hope this helps! Best Regards Elytis ChengElytis Cheng TechNet Community Support

Hi, Please refer the following related articles: Default Certificate Templates http://technet.microsoft.com/en-us/library/cc755033.aspx Certificate Template Versions http://technet.microsoft.com/en-us/library/cc725838.aspx Hope this helps! Best Regards Elytis ChengElytis Cheng TechNet Community Support