certitficate auto-renewal?
Hello, Would someone please explain the processs by which 2008 servers update their computer certificate from an internal CA?
On 6/10 I discovered our 2003 SP2 enterprise internal CA's root cert was going to expire on 6/16. I immediately renewed it using the same key.
Since users and computers have been getting updated certs with expiration dates a year in the future.
What is the process that a 2008 server gets an updated cert? I have tried rebooting, gpupdate, manaully running the "CertificateServicesClient" System task but nothing happens. We have had a handful of 2008 servers update successfully but Im unsure how.
Our few 2003 servers seemed to update very quickly whereas only a few 2008 servers have.
Thanks for any help
June 13th, 2011 10:27pm
have u reviewed any GPO settings you might have?
take a look at:
http://technet.microsoft.com/en-us/library/cc731522.aspx
Free Windows Admin Tool Kit Click here and download it now
June 14th, 2011 6:51pm
Thanks S. Kwan. I have reviewed and all are set correctly.
I think what is going on here is my CA was issuing certificates with shorter and shorter validity periods as the expiration of the Root CA was getting closer.
As user/computer certificates reach 80% of validity remaining they are automatically renewing. Doing some quick calculations shows most servers should renew in next 24 hours.
thanks
June 14th, 2011 6:56pm