I have 2 Certificate machines.... an offline root, and an issuing. both are win 2008 r2.
Upon first setup a year ago, all was fine. now it is time to renew.
I did the various steps to get a new root cert, installed it on the issuing, life is good.
Next, I took the cert and included it in GPO so all the other machines in the network will get it. (computer config/windows settings/security settings/public
key policies/Trusted root cert authorities)
After importing it there, I look at the cert. it shows it is valid till Nov 2013. I click on Certification path tab, I click on the ROOT,
then view certificate and it show the root as being valid until Nov 2013.
I run gpupdate /force on the DC, then I go to another machine, run gpupdate /force on there as well.
I open the certificate for the local machine snap-in.
I go to the Trusted Root Cert Authority, I find the new cert, and the date says it is valid till Nov 2013. I click on the Certification path tab, click on the
ROOT, then view certificate.
It tells me the date of Dec 9<sup>th</sup> 2012. That is the old date.
Why is it not getting the new root cert information??
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.