We have an AD environment that a previous tech set up with PKI. the enterprise CA cert is going to expire soon and when trying to renew it we get an error that looks something like this:
The certificate template renewal period is longer than the certificate validity period. The template should be reconfigured or the CA certificate renewed.
All attempts to locate the root CA, which was taken offline, have been unsuccessful so we have a couple of main questions:
1) what happens when the cert expires and we haven't addressed this?
2) what steps can be taken to deal with this in the event we can't find the root CA?
Thanks in advance!