Prevent Old CA Certificate from being distributed to Domain Clients
Posted on 2016-09-08
I run a Server 2012 R2 Domain.
I had an issue that my original CA certificate that expires in 2021 did not have the crl url in it so I created a new CA certificate created CA certificate that expires in 2026.
in the Certificate Authority General tab I can see both certificates.
I need to stop the original certificate from being distributed to the Domain Clients as its causing errors on my S4B servers.
I have tried going into the MMC certificates snap in (where you can see both the Old and New CA certificate) and deleting the old CA certificate on a client computer - but it just gets re-added.
any help would be appreciated