locked
renew radius certificate from internal ca RRS feed

  • Question

  • dears,

    my radius server has a certificate issued from CA and it expires tomorrow.

    can you advise on how to renew it from ca?

    kind regards,

    Tuesday, July 21, 2020 1:01 PM

All replies

  • Hi,

    if the template used for issuing the certificate a. is still published and b. supports renewal, just right click on the cert, select All Tasks --> Renew with same Key...

    Otherwise, just enroll for antoher certificate with the same Subject, SAN(s) and Key Usage policies and then change it in the NPS properties.


    Evgenij Smirnov

    http://evgenij.smirnov.de

    Tuesday, July 21, 2020 1:19 PM
  • if i go to advanced and renew, there is an option to renew and to choose same key or generate a new key

    so are you talking about this?

    thanks

    Tuesday, July 21, 2020 1:32 PM
  • Exactly. The options depend on what is allowed within the template.

    Evgenij Smirnov

    http://evgenij.smirnov.de

    Tuesday, July 21, 2020 1:38 PM
  • so let's say i can renew it with the same key, than that's it? and finish?

    what will happen to the old one it will expire in one week?

    will it still be working? or the new one will be working?

    do i have to do any additional tasks to import it again or just renewal

    thank u so much

    Tuesday, July 21, 2020 1:42 PM
  • Hi,

    what happens on renewal is that the old cert is replaced by the new one in the store, i.e. you shouldn't be seeing the present cert anymore after renewal. I'm not 100% sure what happens on NPS but you should check the config afterwards anyway so if you do not see the renewed cert bound to NPS just re-select it in the config.


    Evgenij Smirnov

    http://evgenij.smirnov.de

    Tuesday, July 21, 2020 2:05 PM
  • Hi,

    It looks like the query is more related to the AD feature part, which our forum doesn’t focus on. I noticed that you have opened another new thread in our Security forum, and in order to get more efficient support, I suggest that you can focus on that post.

    Please kindly mark the reply of this post as an answer to terminate this post.

    Your understanding is appreciated.

    This "Network Access Protection" Forum will be migrating to a new home on Microsoft Q&A, please refer to this sticky post for more details. 

    Best Regards,

    Sunny


    "Network Access Protection" forum will be migrating to a new home on Microsoft Q&A!

    We invite you to post new questions in the "Network Access Protection"  forum's new home on Microsoft Q&A!

    For more information, please refer to the sticky post.
    Wednesday, July 22, 2020 7:46 AM
  • it is solved

    renew with the same key

    but will have to edit each radius policy to inherit this ca certficiate ( it took a public ca by default)

    best regards,

    Wednesday, July 22, 2020 7:47 AM
  • Hi,

     

    I am glad to hear that your issue was successfully resolved. Thanks for your posting here and sharing the resolution!

     

    Please close this post by marking this reply as an answer.

     

    If there is anything else we can do for you, please feel free to post in the forum.

     

    Best Regards,

     

    Sunny


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com   

    Thursday, July 23, 2020 10:43 AM