Hello We have CA servers root and issued 1) Windows Server Enterprise 2003 R2 Root CA 2) Windows Server Enterprise 2003 R2 Issued CA We need to renew issued CA certificate http://technet.microsoft.com/en-us/library/cc776691(WS.10).aspx#BKMK_AVAIL Using the Windows interface Log on to the system as a Certification Authority Administrator. Open Certification Authority. In the console tree, click the name of the certification authority (CA). Where? Certification Authority (Computer)/CA name On the Action menu, point to All Tasks, and click Renew CA Certificate. Do one of the following: If you want to generate a new public and private key pair for the certification authority's certificate, click Yes. If you want to reuse the current public and private key pair for the certification authority's certificate, click No. Get the CA certificate from the parent CA. For more information, see Notes. If a parent CA is available online Click Send the request directly to a CA already on the network. In Computer Name, type the name of the computer on which the parent CA is installed. In Parent CA, click the name of the parent CA. We see pending request on root CA an issued this request. On root CA we issued CA certificate all ok Valid from 1/12/2011 to 1/12/2113 but on issued CA we can not see renewed certificate for 3 ours. Can anybody help to us?

You have to export the certificate and import it to the "issued CA". 1. On root CA export the certificate as follows: 1.a In issued certificates double click the issued certificate, select details and choose copy to file 2.a On "Export file format" choose "Cryptographic Message Syntax Standard - PKCS #7 Certificates (.P7B)" and export the certificate as file 2. On "issued CA" select all tasks "Install CA Certificate" and use the file HTH Martin