adjustment the expiry day on self - authorized certifications?
I have a customer that is making use of self - authorized certifications (to authorize InfoPath kinds). The certifications are developed making use of the certificate solution constructed right into Windows 2008. They claimed the certicates constantly run out after one year. Just how does one chage the expiry day on a certificate or do they need to release new ones? (Is one year the default in the layout)?
I assume the only devices readily available to them are the ones home windows features : certmgr, certutil, & certreq. (Am I missing out on any kind of?)
Additionally, The certificate is a Code Signing Certificate, if that makes a distinction?
In basic you can not transform an expiration on an existing cert. You can perhaps edition a new one with a new expiration day (perhaps greater than a year in the future, relying on your devices, certainly), yet you can not transform one that is currently been released.
There is a Microsoft Knowledge Base write-up concerning this inquiry:
You can not transform the expiry day of an existing certificate. Yet you can transform the default legitimacy duration for the Certificate Authority.
This write-up defines just how to transform the legitimacy duration of a certificate that is released by a Windows Server 2003 or a Windows 2000 Server Certificate Authority (CA).
By default, the life time of a certificate that is released by a Stand - alone Certificate Authority CA is one year. After one year, the certificate runs out and also is not relied on for usage. There might be scenarios when you need to bypass the default expiry day for certifications that are released by an intermediate or a releasing CA.
A CA can not release a certificate with a much longer legitimacy duration than its very own CA certificate.