02-24-2013 06:31 PM - edited 03-10-2019 08:07 PM
Hi,
I have an ACS environment with PEAP working. the root CA is about to expire i was going to just right click the root CA and try to renew with same keys. Will this break the current users that have the certificate aready installed? do i need to do anything with the ACS server or is the certificate essentially the same?
what recommendations do you h ave for this?
Thanks for your time with helping answer this.
02-25-2013 10:42 AM
It should not if the Root CA would remain same.
Jatin Katyal
Regards,
- Do rate helpful posts -
02-26-2013 04:30 AM
You can renew the server certificate given that the root CA is the same or the clients have the root CA certificate installed on them.
So if you are using the same root CA to renew the server certificate . this shouldn't have any effect cause the clients will keep honoring any certificate exposed to them given that they have the same root CA certificate installed.
-----------------------------------------------------------------------
Please Don't forget to rate correct answers
02-26-2013 02:28 PM
1. You renew the root CA cert. Nothing happens as the ACS cert is still valid (not expired) and clients validate it against their stored root CA cert (assuming the Validate Server cert checkbox is checked on the clients)
2. You distribute the new root CA cert to the clients. Don't remove the old cert. Check the new cert under 'Validate server' settings on the clients
3. You request a new cert for the ACS
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide