07-06-2008 07:05 AM - last edited on 03-25-2019 05:25 PM by ciscomoderator
Hi there
I implemented a wired 802.1x authenticated network. I only use machine (computer) certificates to authenticate the workstations. Automatic Certificate Enrollemnt is installed in the Windows 2003 domain. I was wondering what will happen after one year. Right than the certificate is not valif anymore. Auth-Fail VLAN or Guest-VLAN is a Internet-Only VLAN on the firewall.
When users power on their computer the next mornig, access will be rejected. Is it posible to do a automatic certificate renewal a few days before the validity of the certificate expires ?
Regards
Remco
Solved! Go to Solution.
07-07-2008 06:44 AM
Your certificate template will have a "renewal period" (for example, 6 weeks). Then, 6 weeks (or whatever the renewal period is) before the certificate is supposed to expire, the workstation will automatically attempt to renew its certificate. As long as the workstation is connected to the domain and has access to the CA at some point during that period, it can update its certificate and hence will not fail authentication.
Hope that helps.
Shelly
07-07-2008 06:44 AM
Your certificate template will have a "renewal period" (for example, 6 weeks). Then, 6 weeks (or whatever the renewal period is) before the certificate is supposed to expire, the workstation will automatically attempt to renew its certificate. As long as the workstation is connected to the domain and has access to the CA at some point during that period, it can update its certificate and hence will not fail authentication.
Hope that helps.
Shelly
07-07-2008 10:50 AM
Thanx Shelly...
I also saw that in the certificate template !
Problem solved !!
10-20-2008 08:55 PM
what happened when the user is outside the network for a very long time and not able to renew the cert before the expiry date?
10-21-2008 12:53 AM
Thene authentication will fail.. Certificate is expired.. You have to manually renew the certificate..
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide