Solved

Microsoft Certifcate Server

Posted on 2010-09-18
2
924 Views
Last Modified: 2012-05-10
Does changing Certificate validty period on Cert server affect current issued certs. We want to use the following to use when issuing new certificates but don't want to invalidate any current certificates.
And does the  'certutil -renew reusekeys'  just extend current issued certs? Not experienced with CA but need to address this issue at work and we have alot of self signed certs in our departments.

certutil -setreg ca\ValidityPeriod=Years
certutil -setreg ca\ValidityPeriodUnits=100
certutil -setreg ca\RenewalValidityPeriod=Years
certutil -setreg ca\RenewalValidityPeriodUnits=100
net stop certsvc & net start certsvc

You can verify the settings by substituting "-getreg" for "-setreg"

After that, you can use the 'certutil -renew reusekeys' command to renew the certificate.
 
0
Comment
Question by:J1thatguy
2 Comments
 
LVL 5

Accepted Solution

by:
Blake_1 earned 500 total points
ID: 33710503
No it does not affect currently issued certs, they will need to be re-issued or renewed.  Better to configure a proper PKI rather than using self-signed certificates.
0
 

Author Comment

by:J1thatguy
ID: 33710587
So current certs will still be valid but in order to take advantage of the new certificate life span I need to reissue the certs?
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
This is a video that shows how the OnPage alerts system integrates into ConnectWise, how a trigger is set, how a page is sent via the trigger, and how the SENT, DELIVERED, READ & REPLIED receipts get entered into the internal tab of the ConnectWise …
Concerto provides fully managed cloud services and the expertise to provide an easy and reliable route to the cloud. Our best-in-class solutions help you address the toughest IT challenges, find new efficiencies and deliver the best application expe…

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now