![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 43%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
20,212 questions
Hello @Chong ,
By default, the lifetime of a certificate that is issued by a Stand-alone Certificate Authority CA is one year. After one year, the certificate expires and is not trusted for use.
There may be situations when you have to override the default expiration date for certificates that are issued by an intermediate or an issuing CA.
Various applications that use certificates and Public Key Infrastructure (PKI) might experience intermittent problems, such as connectivity errors, once or twice per day/week.
These problems occur because of failed verification of the end-entity certificates. Affected applications might return different connectivity errors, but they will all have untrusted root certificate errors in common. Below is an example of such an error and resolving techniques are mentioned in the below link:
For further details on how to change the validity period of a certificate that is issued by the Certificate Authority (CA). do follow the below link
Hope this answers all your queries, if not please do repost back.
If an Answer is helpful, please click "Accept Answer" and upvote it : )
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 65%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAV%3C/text%3E%3C/svg%3E)