R 
		
								
				
				
			
		Ray Gibson
I have a win2k box setup as the VPN server for a remote network.  It is
configured as a Standalone CA and uses its keys for the L2TP over IPSEC
traffic. It works Great!.
Here's my question. The keys expire in 2 weeks. I have since migrated to
AD and have installed an Enterprise Root CA. I want all of the client
machines to request certs from the Enterprise CA and eventually remove the
standalone CA.
Since the existing certificte on the VPN server doesn't expire for 2 weeks,
can I add a new certificate to it from the Enterprise CA for testing without
mucking up the existing cert? I'd love to be able to update my remote
network clients (XP Laptops) one at a time prior to their certs expiring.
The Enterprise CA is a Win2k3 server.
Your help would be greatly appreciated.
Thanks in advance. Ray
				
			configured as a Standalone CA and uses its keys for the L2TP over IPSEC
traffic. It works Great!.
Here's my question. The keys expire in 2 weeks. I have since migrated to
AD and have installed an Enterprise Root CA. I want all of the client
machines to request certs from the Enterprise CA and eventually remove the
standalone CA.
Since the existing certificte on the VPN server doesn't expire for 2 weeks,
can I add a new certificate to it from the Enterprise CA for testing without
mucking up the existing cert? I'd love to be able to update my remote
network clients (XP Laptops) one at a time prior to their certs expiring.
The Enterprise CA is a Win2k3 server.
Your help would be greatly appreciated.
Thanks in advance. Ray
