Advanced Windows PowerShell Scripting Video Training

Advanced Windows PowerShell Scripting Video Training
Advanced Windows PowerShell Scripting Video Training

Wednesday, April 29, 2009

What is the TTL on EFS Certificates? (How to handle expired DRA Certificates?)

If you utilize the default EFS template, the expiration time is 3 years.
Reference:
http://msmvpa.com/blogs/alunj/archive/2007/03/24/efs-in-a-domain-expirres-after-three-years.aspx


Now, how do you fix it?
http://blogs.technet.com/askds/archive/2008/01/07/replacing-an-expired-dra-certificate.aspx

Additional info:
While going through the certificate templates in MOC 2273 virtual machine, I discovered that the DRA template is valid for 5 years. So the debate continues as to how long these certificates are valid. I welcome any additional information on this one. The important part of this post is the link on how to fix it.

No comments: