Certificate Renewal



I need some help in understanding the mechanics of certificate renewal. I
have two questions:

In the Certificates MMC console, when I right-click on a cert and go to All
Tasks I see the following tasks:
Request with new key
Request with same key
Renew with new key
Renew with same key

I've tried both a Request with same key and a Renew with same key on a valid
certificate. The results seem to be the same. In both cases I get a cert
with a different serial number so the results seem to be identical.

1. What is the difference between the Request task and the Renew task?

When I right-click on an expired cert and go to All Tasks, I get the same
list of tasks as above, however, when I try to Renew with same key, I get
the following error:

"The certification authority denied the request. A required certficiate is
not within its validity period when verifying against the current system
clock or the timestamp in the signed file."

A Request with same key does go through successfully.

2. Why does 'Renew with same key' not work for an expired certificate while
a 'Request with same key' does work?




Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads