setting certificate lifetime with MS CA with SCEP

Unanswered Question
Nov 10th, 2009
User Badges:

I am using an MS certificate authority (CA) to issue certificates to VPN routers using the SCEP add on. The template that the CA is using for this specifies a certificate lifetime of 2 years but the certs that the routers are receiving expire in 1 year.

I can't tell if the routers are requesting this shorter lifetime (and if they are I can't find any way to change the default), or if the SCEP plugin is causing this.

I need to either get this to 2 years or figure out how to get the routers to renew automatically (auto-enroll) while the CA requires a SCEP challenge password. I can get auto-enroll working when there isn't a challenge password, but it fails when that's turned on.

Thanks in advance...

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion