asked on
Need to renew or create (citrix server) web certificate (CA)
Had to install new CA management server. Could not renew cert that expired today. Created new CA but shows as a failed request. "A required certificate is not within its validity period when verifying against the system clock or the time stamp" "Error verifying request signature or signing certificate"
Note: I did set the CA server for a default of 8 years for the cert period.
Our Citrix users cannot access the store front until this is corrected. Would gratefully appreciate assistance.
thank you
Wayne
ASKER
Hi. Citrix support said we can create our own which is what was done on the previous cert. The previous cert manager was retired so we could not renew the current cert. Could the lenght of the cert period (8 years be the issue?
By the error message, it sounds like some sort of time synchronization issue.
Are the dates/times correct on both the CA management server, and the PC requesting the certificate?
ASKER
times are correct / within 1 minute
ASKER
Here is the error:
Active Directory Certificate Services could not process request 10 due to an error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495 CERT_E_EXPIRED). The request was for CN=citrix02.ablehc.local, OU=XenApp, O=Able Health Care, L=Merrick, S=NY, C=US. Additional information: Error Verifying Request Signature or Signing Certificate
Sorry, I'm not familiar with how to generate a new one, since I use certificates from a known CA (because of issues like these :)
Thawte has a 1 year SSL123 certificate for $149, and RapidSSL has one for $59.
At those prices, it's not worth the hassle.