Avatar of jackbenson
Flag for United Kingdom of Great Britain and Northern Ireland

asked on 

Prevent Old CA Certificate from being distributed to Domain Clients


I run a Server 2012 R2 Domain.

I had an issue that my original CA certificate that expires in 2021 did not have the crl url in it so I created a new CA certificate created CA certificate that expires in 2026.

in the Certificate Authority General tab I can see both certificates.

I need to stop the original certificate from being distributed to the Domain Clients as its causing errors on my S4B servers.

I have tried going into the MMC certificates snap in (where you can see both the Old and New CA certificate) and deleting the old CA certificate on a client computer - but it just gets re-added.

any help would be appreciated

many thanks

Windows Server 2012Security

Avatar of undefined
Last Comment
Rich Weissler

8/22/2022 - Mon