When a certificate authority expires, is it gone for good? Is there a way to renew it? Or should I just generate a new certificate? I don't really want to make a new one because this certificate authority is already trusted by many of our customers. I'm dealing with a legacy mess and just discovered that our CA is expiring in 2015.
Thanks!
Best Answer
In the Certificate Authority MMC snap-in (
certsrv.msc
), if you right-click the server object, under "All Tasks" there's an option to renew the certificate.Edit: Definitely just realized that you didn't specify which type of CA. Clearly, I've just been dealing with too much Windows today. If needed (or for completeness, if not), here's the procedure via OpenSSL: