J1thatguy
asked on
Microsoft Certifcate Server
Does changing Certificate validty period on Cert server affect current issued certs. We want to use the following to use when issuing new certificates but don't want to invalidate any current certificates.
And does the 'certutil -renew reusekeys' just extend current issued certs? Not experienced with CA but need to address this issue at work and we have alot of self signed certs in our departments.
certutil -setreg ca\ValidityPeriod=Years
certutil -setreg ca\ValidityPeriodUnits=100
certutil -setreg ca\RenewalValidityPeriod=Y ears
certutil -setreg ca\RenewalValidityPeriodUn its=100
net stop certsvc & net start certsvc
You can verify the settings by substituting "-getreg" for "-setreg"
After that, you can use the 'certutil -renew reusekeys' command to renew the certificate.
And does the 'certutil -renew reusekeys' just extend current issued certs? Not experienced with CA but need to address this issue at work and we have alot of self signed certs in our departments.
certutil -setreg ca\ValidityPeriod=Years
certutil -setreg ca\ValidityPeriodUnits=100
certutil -setreg ca\RenewalValidityPeriod=Y
certutil -setreg ca\RenewalValidityPeriodUn
net stop certsvc & net start certsvc
You can verify the settings by substituting "-getreg" for "-setreg"
After that, you can use the 'certutil -renew reusekeys' command to renew the certificate.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER