I am using an MS certificate authority (CA) to issue certificates to VPN routers using the SCEP add on. The template that the CA is using for this specifies a certificate lifetime of 2 years but the certs that the routers are receiving expire in 1 year.
I can't tell if the routers are requesting this shorter lifetime (and if they are I can't find any way to change the default), or if the SCEP plugin is causing this.
I need to either get this to 2 years or figure out how to get the routers to renew automatically (auto-enroll) while the CA requires a SCEP challenge password. I can get auto-enroll working when there isn't a challenge password, but it fails when that's turned on.
Thanks in advance...