Subordinate CA renewal, impact question for 802.1x RRS feed

  • Question

  • Hello!

    We have a Subordinate CA that Expires in a couple of months so i got a couple of questions i cant find the answer to.

    Our ROOT CA is a standalone but doesnt expire until 2021 so thats ok

    Our SubCA expires in a couple of months, the SubCA is the server that handles all the certificate requests so as you might understand all our issused certificates will expire at the exact same time as the SubCA

    We have a lot of wireless 802.1x clients that authenticate through NPS (network policy server)

    Our NPS servers use a Certificate from the SubCA that ofcourse also expires at the same time to authenticate the certificate from the clients

    Our Clients do trust the Root CA directly 

    If i Renew the SubCA with a new 3 years period will it impact the 802.1x wireless clients or will they just renew their own certificate and continue as usual?

    We have used AD Autoenrollment to get the certificates to the clients from the start so that is already set up

    does it matter if i renew with the same key or a new one?

    If the clients get thrown out of  the wireless they wont get a certificate back and then we will have som issues so im hoping for a solution where they wont notice a thing.

    Monday, August 14, 2017 11:45 AM