Renew Forest/ Domain Certificate - help
-
Wednesday, January 02, 2013 2:29 PM
Network is running Windows 2008 Enterprise.
Our Forest root certificate is set to expire end of January.
Do I need to do anything to renew this certificate? Will it auto populate across domain with the new one?
- Moved by Aiden_CaoMicrosoft Contingent Staff, Moderator Thursday, January 03, 2013 3:03 AM (From:Network Infrastructure Servers)
All Replies
-
Thursday, January 03, 2013 5:00 AMModerator
Hi,
Thanks for your post.
Please check the following article and similar thread. Hope it helps.
Renewing a certification authority
http://technet.microsoft.com/en-us/library/cc740209(v=ws.10).aspx
Add a trusted root certification authority to a Group Policy object
http://technet.microsoft.com/en-us/library/cc738131(v=ws.10).aspx
Looking for the correct process to renew a standalone root CA certificate
Best Regards,
Aiden
If you have any feedback on our support, please click here
Aiden Cao
TechNet Community Support
- Proposed As Answer by Aiden_CaoMicrosoft Contingent Staff, Moderator Monday, January 07, 2013 2:38 AM
- Marked As Answer by Aiden_CaoMicrosoft Contingent Staff, Moderator Tuesday, January 15, 2013 2:18 AM
-
Monday, January 07, 2013 2:38 AMModerator
Hi,
How are things going? I just want to check if the information provided was helpful. If there is any update or concern, please feel free to let us know.
Best Regards,
Aiden
If you have any feedback on our support, please click here
Aiden Cao
TechNet Community Support -
Tuesday, January 08, 2013 12:30 PM
Hello Aiden,
Thanks for following up. However the situation is not resolved. I followed and read the links provided. However I am still unable to renew the certificates. According to one http://technet.microsoft.com/en-us/library/cc780374(v=ws.10).aspx I just need to right click and renew.
However when I right click, All Task, I only get the following: View Attributes/Extensions, Export binary data, Revoke Certificate. I have no option to renew.
I am using pkiview.msc from my workstation, logging into the forest certificate authority with the admin/password account. The certificate authorities are all core servers.
Is there something I am doing wrong? Do I need to renew the certificate from the server? if so, how do I do that on a core server. I have about 10days before the certificate expires.
-
Wednesday, January 09, 2013 6:23 AMModerator
Hi,
Thanks for your update.
Please check the similar thread as below by running Certutil command line.
How to renew Enterprise Root CA on server core 2008 R2
Best Regards,
Aiden
If you have any feedback on our support, please click here
Aiden Cao
TechNet Community Support- Marked As Answer by Aiden_CaoMicrosoft Contingent Staff, Moderator Tuesday, January 15, 2013 2:18 AM
- Unmarked As Answer by Aiden_CaoMicrosoft Contingent Staff, Moderator Monday, January 21, 2013 3:00 AM
- Marked As Answer by Aiden_CaoMicrosoft Contingent Staff, Moderator Monday, January 21, 2013 3:00 AM
-
Tuesday, January 22, 2013 11:46 AM
I stood up another sub-CA server runnings Windows 2008r2 Enterprise. I was able to renew the forest cert and the domain controller certs updated as well.
I have another Cert issue on the Win Core servers. however I will post a new question.
thank you for the help.
.png)
