How do I (or is it possible) to configure SSL Certificates for ADAM to self-renew

Question

I have an environment of Windows Server 2003 machines that are running ADAM (Active Directory Application Mode) over SSL. The SSL certificates that are installed on the machines are created using our internal CA and are trusted on any computer on our domain.

The problem is that they expire. Is there a way that I can configure the server or certificate services to enable these certificates to renew themselves or get renewed in an automated fashion?

score 2 · Answer 1 · answered May 04 '09 at 23:14

2

I do not know a way to do this, but I thought I would chime in. Why not to create the certificates to expire 20 years (random number here, could be less, or more) after creation instead?

answered May 04 '09 at 23:14

score 1 · Answer 2 · answered May 04 '09 at 23:28

1

I don't think there's a way to auto-renew certs. Are you in control of the CA? I think about the best you can do is get a cert that has an expiration way out in the future. This might be a problem, though, if you don't control the CA.

answered May 04 '09 at 23:28

squillman

37,883
12
92
146

How do I (or is it possible) to configure SSL Certificates for ADAM to self-renew

2 Answers2