After publishing to AD PKIVIEW is not reflecting crt, AIA and CDP
it won't until you renew your Issuing CA certificate which must be signed with new policy CA certificate.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Installed new Policy CA certificate but don't want to use it now - Can this be removed from CA as it not shows in Manage AD containers ..
How to remove this certificate from CA
After publishing to AD PKIVIEW is not reflecting crt, AIA and CDP
it won't until you renew your Issuing CA certificate which must be signed with new policy CA certificate.
Hi,
Not sure how your PKI environment is deployed. If possible, you can tell more information about the environment.
Based on my understanding, CA certificate can't be deleted if it was not expired.
Do you want to delete the policy CA certificate from the policy ca or the sub-issue CAs?
Best Regards,
Hi FanFan
The certificate was signed from Root and installed on PolicyCA --- After publishing to AD PKIVIEW is not reflecting crt, AIA and CDP-
can we delete the policy CA cert Or revoke this certificate -- and submit "Renew CA Certificate" on PolicyCA and sign new certificate will this resolve the issue --- ?
Following steps performed for PolicyCA crt
Renewed CA cert with new key pair
Copied the following files to AD FS location (for CDP/AIA)
CertEnroll\IntCA(1).crt
CertEnroll\IntCA(1).crl
Published IntCA to AD FS
certutil -dspublish -f " - " SubCA