June 2017
Beginner to intermediate
742 pages
18h 29m
English
Content preview from Mastering Active Directory
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
CA time limits
When we set up the CA, we have defined the CA validity period as 20 years. But it doesn't mean every certificate it issues will have 20 years' valid period. Root CAs will issue certificates only to the issuing CAs. Certificate requests, approval, and renewal processes are manual. Therefore, these certificates will have longer validity periods. In the demo, I will set it for 10 years:
certutil -setreg ca\ValidityPeriod "Years"certutil -setreg ca\ValidityPeriodUnits 10