No option to "Renew CA certificate" under "All Tasks" when I right click my Certificate Authority server

Mario 21 Reputation points
2021-03-03T12:02:32.613+00:00

We have a Root CA that's going to expire soon but I don't have the option to renew it when I go to All Tasks.

The environment we are using is Windows Server DataCenter 2016 Core. Please keep in mind that our Certificate Server is Server Core which means I don't have a GUI which is another issue because all tutorials online state the solution in GUI mode!!!!

I Looked up countless tutorials which all say "in GUI Windows Server, right click your CA and select "All Tasks" and then select "Renew Certificate CA" but I can't see that anywhere.

Please help!!

Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,777 questions
{count} votes

Accepted answer
  1. Fan Fan 15,321 Reputation points Microsoft Vendor
    2021-03-04T00:16:20.61+00:00

    Hi,
    Based on my understanding , on a server core, not only the CA ,there is no GUI for other roles either.
    To renew the CA certificate, we need to use the command :

    Command:Certutil -renewCert ReuseKeys renews the CA with the existing key pair
    Command:Certutil -renewCert renews the CA with a new key pair

    More information for your reference:
    https://learn.microsoft.com/en-us/windows/win32/seccrypto/certification-authority-renewal
    https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc732443(v=ws.11)?redirectedfrom=MSDN

    Best Regards,

    3 people found this answer helpful.

0 additional answers

Sort by: Most helpful