Microsoft Certifcate Server
Posted on 2010-09-18
Does changing Certificate validty period on Cert server affect current issued certs. We want to use the following to use when issuing new certificates but don't want to invalidate any current certificates.
And does the 'certutil -renew reusekeys' just extend current issued certs? Not experienced with CA but need to address this issue at work and we have alot of self signed certs in our departments.
certutil -setreg ca\ValidityPeriod=Years
certutil -setreg ca\ValidityPeriodUnits=100
certutil -setreg ca\RenewalValidityPeriod=Years
certutil -setreg ca\RenewalValidityPeriodUnits=100
net stop certsvc & net start certsvc
You can verify the settings by substituting "-getreg" for "-setreg"
After that, you can use the 'certutil -renew reusekeys' command to renew the certificate.