Renewing Certificates; About Renewal - Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 8.0 - ADMINISTRATION:
- Using manual (48 pages) ,
- Agents manual (146 pages) ,
- Manual (124 pages)
Table of Contents
Advertisement
Chapter 4. Requesting, Enrolling, and Managing Certificates
[RequestAttributes]
CertificateTemplate = DomainController
More information on using certreq and the format of the request file is available at
technet.microsoft.com/en-us/library/cc736326(WS.10).aspx.
2. On the Windows machine, run the certreq command to generate the request, specifying the
request .inf file and an output file for the certificate request. For example:
certreq -new request.inf dc-cert-request.req
3. Submit the certificate request to the CA, and set the name of the final output certificate file.
certreq -submit dc-cert-request.req dc-cert.cer
4. Install the new certificate in the server's database.
certreq -accept dc-cert.cer
5. To verify that the certificate is available by checking the certificate list in the management console.
TIP
It is also possible to request and submit a certificate in a single pass. For example:
certreq -f -v -config "domain.example.com\Certificate Authority - SUBCA -
server.example.com" -submit dc-cert-request.req dc-cert.cer
4.7. Renewing Certificates
Renewing a certificate regenerates the certificate using the same public key as the original certificate.
Renewing a certificate can be preferable to simply generating new keys and installing new certificates;
for example, if a new CA signing certificate is created, all of the certificates which that CA issued and
signed must be reissued. If the CA signing certificate is renewed, than all of the issued certificates
are still valid. A renewed certificate is identical to the original, only with an updated validity period and
expiration date.
This section discusses renewing user certificates and creating renewal profiles. For information
on renewing Certificate System subsystem certificates, see
Certificates.
4.7.1. About Renewal
A renewed certificate is identical to the original certificate, which makes renewing certificates a much
simpler and cleaner option for handling the expiration of many kinds of certificates, especially CA
signing certificates.
116
Chapter 16, Managing Subsystem
http://
Advertisement
Table of Contents
Need help?
Do you have a question about the CERTIFICATE SYSTEM 8.0 - ADMINISTRATION and is the answer not in the manual?