2003 Certificate Authority Issuing Certificates
Posted on 2010-09-04
Hi, a Windows 2003 Certificate authority allows me to request a certificate with a name of "DEVICE". That certificate is is in use on a PDA, to gain access to network resources.
My query is the certificate is due to expire on say "x" date. The Certificate Authority allows me to request a new certificate to use when the old one expires using the same name, department company name etc as the original. even though the original certificate hasnt expired or been revoked. So the CA effectivley knows it has issued 2 certs under the same details. The CA dosent generate an error when I do this and generates the new certificate.
I intend on transfering the new certificate to a device and installing it and removing the old one.
Question is this. Is it safe and acceptable that the CA will allow me to request a certificate with the same name, department etc as the original, (even though the old cert hasnt expired yet), because its able to distinguish between them by the certificates serial number etc ?
This approach allows me to generate the new certificate and send to the person with the device before the old one expires. Thoughts ?