I have a Server 2008 R2 server with ADCS. Last April, I replaced the Server 2003 CA (and DC) server and migrated the CA to the 2008 R2 server (also DC). It has the same machine name and I did not create a new CA when I migrated. The following errors recently appeared in the application log:
Event ID: 77
The "Windows default" Policy Module logged the following warning: The Active Directory connection to COMPUTER.DOMAIN.Local has been reestablished to COMPUTER.DOMAIN.Local.
Event ID: 53
Active Directory Certificate Services denied request 11 because The certificate template renewal period is longer than the certificate validity period. The template should be reconfigured or the CA certificate renewed. 0x80094814 (-2146875372). The request was for CN=COMPUTER.DOMAIN.Local. Additional information: Denied by Policy Module Renewing a certificate with the DomainController Certificate Template failed because the renewal overlap period is longer than the certificate validity period.
Looking in the MMC, the CA Certificate expires 1/28/2012. There are also 2 Basic EFS Certificates.
Should I renew the current certificate or create a new one? Can you direct me to step-by-step instructions for the preferred solution?