[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 260
  • Last Modified:

MS Certificate Authority expiring

I have a CA that is expiring in 1 year.  I wish to create user certificates for 30 years, but MS support says that they cannot be created for a period longer than the CA expiration.  I do not want to re-create my certificate authority to do this, since i have a lot of user certs already out there.  I found the registry entries ValidityPeriod & ValidityUnits, and changed them to reflect the 30 years I need, but since they exceed the CA that is installed I would have to re-issue that new CA to get those registry changes.

How do i do this?

--dan
0
teknorapex
Asked:
teknorapex
1 Solution
 
SunBowCommented:
You have to use/change it at the root authority level. You cannot simply change a reg entry to make certificates work on the net.

You can get a new certificate with the same name, at least my company did. Dunno why. (politics?).  Maybe take a look at MS alternative like Thawte or <ugh> verisign. Maybe Western Union.
0
 
pcssecureCommented:
You can renew the CA before it expires.  This way, the CA will last longer than its original expiry date.  
0

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now