One of clients has a very simple domain, with 2 x W2008 R2 Domain Controllers and an Exchange Server 2010 server.
For some reason the Exchange server is the Certification Authority and 2 of the certificates expired in December 2015.
The Domain Controller now gets;
- Event ID: 64 - Certificate for local system with Thumbprint xxxxxxxxxx is about to expire or already expired
- Event ID: 6 - Automatic certificate enrollment for local system failed (0x800b0101) A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
- Event ID: 13 - Certificate enrollment for Local system failed to enroll for a DomainControllerAuthentication certificate with request ID N/A from "ServerName01-CA" (A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495)).
and the same Event ID: 13 for a "DirectoryEmailReplication" certificate.
It seems relatively simple, that the certs have expired and, as we can't renew, we have to create new ones, but I'm unsure how to go about this.
Any pointers would be appreciated.
Thanks in advance.