我最初在两年前使用我的Windows 2008证书颁发机构发布它,并且它在所有时间都顺利运行,所以我想尽可能简单地更新证书,以确保所有依赖该证书的应用程序继续工作.
我可以打开一个MMC实例并为本地计算机添加“证书”管理单元.我可以在Personal下找到相关证书,但我无法续订.
当我选择使用新密钥续订证书时,我收到以下消息:
Web Server Status: Unavailable
The permissions on the certificate template do not allow the current user to enroll for this type of certificate.
You do not have permission to request this type of certificate.
但是,我无法理解这一点,因为我以域管理员身份登录,并且我在高架模式下运行MMC实例.
我检查了Web服务器证书模板,Domain Admins对此模板具有“注册”权限.
FWIW,我也试过重启服务器.
我该如何续签证书?
参考:
http://technet.microsoft.com/en-us/library/dd378790(WS.10).aspx
You cannot renew a certificate that has already expired. If you try to renew a certificate that has expired,the certification authority (CA) will reject the request,and you will see an error message similar to “Error Verifying Request Signature or Signing Certificate. A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.” This message will also be displayed in the Failed Requests node of the issuing CA. If your certificate has already expired,you must request a new certificate instead of renewing the existing certificate.
