![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 53%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPW%3C/text%3E%3C/svg%3E)
1,563 questions
Thank you for posting your query on Microsoft Q&A, from above description I could understand that you have an Azure VM holding self-signed certificates from MDE and Azure Monitoring Agent and want to know the renewal process of the same.
Please do correct me for any discrepancy in my understanding by responding in the comments.
Answer to your query is yes, A new certificate should automatically be issued after the predefined threshold by Azure services.
These certificates are pushed as a result of extension on VM. Purpose of the certificate is that each extension creates is to establish secure connection with the backend (Azure service, in your case MDE and Azure Monitor). You may delete the expired certificates as the services don't have any mechanism to delete the certificate from any VMs/Azure ARC.
Thanks,
Akshay Kaushik
Please "Accept the answer (Yes)" and "share your feedback ". This will help us and others in the community as well.
