Automatically Renewing User Certificates from Inhouse CA?
Date: 03/23/05

Date: 23 Mar 2005 06:16:12 -0800

Hi Everyone,

I'm running a Win2k CA inhouse tied directly into Active Directory. In
order to make use of EAP/TLS over VPN, I've logged onto local user's
laptops, and downloaded user certificates for them from the CA webpage
onto their laptops, and they use these certs when connecting through
the VPN.

The issue is this... The certificates are only good for 1 year. They
do not renew themselves when they expire, and basically lock the person
out from even using EAP/TLS over VPN after they expire.

In order to get them working again, we have to manually browse over to
the CA webpage, and download a new user cert all over again, deleting
the old one that still sitting there, expired.

Is there anyway to automatically make these user certs renew, or
possibly force a renewal of that user cert on that machine?

I would appreciate your advice! :)

Thank you,