This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Remove From My Forums

Renew sccm 2012 certificates, How does it works?

Question
0

Sign in to vote
Hello,

We have a PKI SCCM 2012 client certificate distributed using a Certificate server in our domain (template).

We have enabled autoenrolment enabled in the policies.

Does the PKI certificate for SCCM 2012 client certificate on the client automatically renew when it wil expire ?

What is the time that the certificate will be renewed automatically?

Do we need to renew the template on the certificate server?

Can someone explain how this works?
- Edited by Theo H Wednesday, May 24, 2017 3:30 PM
Wednesday, May 24, 2017 3:14 PM

All replies

0

Sign in to vote
First, this really has nothing to do with ConfigMgr -- ConfigMgr is simply a consumer.

> "Does the PKI certificate for SCCM 2012 client certificate on the client automatically renew when it wil expire ? "

Assuming you've enabled auto-renewal and the client system has access to AD and the issuing CA, then yes.

> "What is the time that the certificate will be renewed automatically?"

Based on the text of the option in Group Policy, the certificate will be renewed once it has expired: "Renew expired certificates, update pending certificates, and remove revoked certificates"

> "Do we need to renew the template on the certificate server? "

Templates don't expire.

"Can someone explain how this works? "

How what works? Have you reviewed the official documentation?

Jason | http://blog.configmgrftw.com | @jasonsandys
- Edited by Jason Sandys [MSFT]MVP Wednesday, May 24, 2017 3:37 PM
- Proposed as answer by Xin GuoMicrosoft contingent staff Thursday, June 15, 2017 9:54 AM
Wednesday, May 24, 2017 3:36 PM