NetworkRangers
asked on
Any effects of renewing certificate on root CA server
Our root CA certificate is about a month from expiring. I am planning on renewing the CA certificate with the same key this weekend. I have read Microsoft's documents and it sounds straightforward.
Is there any issues I should be aware or watch out for?
I assume that the certificates already approved will automatically reflect the extended expiration date after the renewal as long as I use the same key. Is this a true statement?
This is the first time we have had to renew and I would liek to hear from someone with experience. Is it as simple as stated or not?
Is there any issues I should be aware or watch out for?
I assume that the certificates already approved will automatically reflect the extended expiration date after the renewal as long as I use the same key. Is this a true statement?
This is the first time we have had to renew and I would liek to hear from someone with experience. Is it as simple as stated or not?
ASKER
Yes I have read the article you are referring to. I may have not worded it right as this was not the answer I was looking for.
I plan on renewing the certificate on our CA and chossing the option to use the same key.
My questions were when I do renew the CA certificate do the certificates that have previously been provided and approved by the CA automatically become valid for the same period of time?
Example I previously got a certificate for website A from the CA and the valid period was till July 30th because the CA is only valid till July 30th. When the admin does the Renew CA Certificate and increases it for 5 more yrs. Now new certificates requested and approved would be good for 5 yrs.
What about the certificates due to expire July 30th 2008? As long as they are not revoked will they be automatically renewed for another 5 yrs?
I plan on renewing the certificate on our CA and chossing the option to use the same key.
My questions were when I do renew the CA certificate do the certificates that have previously been provided and approved by the CA automatically become valid for the same period of time?
Example I previously got a certificate for website A from the CA and the valid period was till July 30th because the CA is only valid till July 30th. When the admin does the Renew CA Certificate and increases it for 5 more yrs. Now new certificates requested and approved would be good for 5 yrs.
What about the certificates due to expire July 30th 2008? As long as they are not revoked will they be automatically renewed for another 5 yrs?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
So for clarity:
When a CA's certificate reaches the end of its validity period, all certificates it has issued will also expire.
http://technet2.microsoft.com/windowsserver/en/library/f9f398e1-c78c-41fc-8dff-2412fdae6ab71033.mspx?mfr=true
-Rowan