renewing server certificates window 2000 domain with isa 2004

[Guest Buttnuts]

my system layout,

windows 2000 server domain controller/master running isa 2004

It is the fmso and CA

one windows 2000 domain controller server (back up)

one windows 2000 server running MSSQL (multiple mission critical

dbase!)

one windows 2000 server (web edition) running mulitple web sites (some

mission critical web services - connecting to SQL)

one windows 2000 server running phone system (speaks to SQL)

multiple windows 2000 application servers - accounting, imaging etc.

multipe windows XP clients (internally and externally connecting

through web services and vpn)

My problem is my server certificates look like they are going to

expire!!

How can I renew all of the certificates quickly and safely from the CA

on the main server?

Is there a way I can just 'extend' the dates of the existing ones??

I would also like to renew a verisign ssl cert for the web server but

the cert on the web server points/show the main server.

I am dead tired and any help would be GREATLY APPRECIATED.

[Guest Dusko Savatovic]

Re: renewing server certificates window 2000 domain with isa 2004

 

You cannot quickly renew certificates from the CA console.

CA service simply replies to certificate requests.

If the initial request for certificate renewal fails, the best approach

would be to remove old cert then, request-issue-install new certificate.

This is very much a maual process and there's no much help for it. It can be

scripted, for example Exchange 2007 can request certs using

'New-ExchangeCertificate' cmdlet from Exchange management Shell, but I see

that you are using Win 2000 network infrastructure.

 

BTW, how many certificates do you need to renew? From your post, I can see

only one - Web server. Maybe another one for VPN? User certificates are

users' responsibility (or responsibility of customer support) and they

should be dealt with on 'one by one' basis.

 

You should take care of EFS recovery agents if you have any.

 

"Buttnuts" <leaderbuilder@gmail.com> wrote in message

news:34cc59de-a1e1-49cd-8531-ec6a04ed4c41@f77g2000hsf.googlegroups.com...

> my system layout,

> windows 2000 server domain controller/master running isa 2004

> It is the fmso and CA

> one windows 2000 domain controller server (back up)

> one windows 2000 server running MSSQL (multiple mission critical

> dbase!)

> one windows 2000 server (web edition) running mulitple web sites (some

> mission critical web services - connecting to SQL)

> one windows 2000 server running phone system (speaks to SQL)

> multiple windows 2000 application servers - accounting, imaging etc.

> multipe windows XP clients (internally and externally connecting

> through web services and vpn)

> My problem is my server certificates look like they are going to

> expire!!

> How can I renew all of the certificates quickly and safely from the CA

> on the main server?

> Is there a way I can just 'extend' the dates of the existing ones??

> I would also like to renew a verisign ssl cert for the web server but

> the cert on the web server points/show the main server.

> I am dead tired and any help would be GREATLY APPRECIATED.