Question : Microsoft certificate service validity period and expiration date confusion

A while ago i created a self-signed certificate on a Windows 2003 standard edition valid for 100 years. The server that was used to create the certificate was destroyed but the certificate is still valid and still in use.

I have a project in which i will have to create other certificates but there seems to be a limitation with standard windows 2003 and i cannot understand how i managed to created the 100 years certificate.

I am confused about this Microsoft article

As per Microsoft Article ID: 254632 it says:

The validity period that is defined in the registry affects all certificates that are issued by Stand-alone and Enterprise CAs. For Enterprise CAs, the default registry setting is two years. For Stand-alone CAs, the default registry setting is one year. For certificates that are issued by Stand-alone CAs, the validity period is determined by the registry entry that is described later in this article. This value applies to all certificates that are issued by the CA.

For certificates that are issued by Enterprise CAs, the validity period is defined in the template that is used to create the certificate. Windows 2000 and Windows Server 2003 Standard Edition do not support modification of these templates. Windows Server 2003 Enterprise Edition supports Version 2 certificate templates that can be modified. The validity period defined in the template applies to all certificates issued by any Enterprise CA in the Active Directory forest. A certificate that is issued by a CA is valid for the minimum of the following periods of time:

The registry validity period that is noted earlier in this article.

This applies to the stand-alone CA, and Subordinate CA certificates issued by the Enterprise CA.
The template validity period.

Seems like i need a Microsoft Enterprise edition to modify the validity date but i did not have one when creating my 100 years certificate.

There must be something that i am missing

Answer : Microsoft certificate service validity period and expiration date confusion

Templates are just that - predefined settings or group of settings options (like you can select 1024 or 2048 bit key length, but not 512) for issuing certificates. It will define what key usages to apply, the validity period of the issued cert, and so forth. Normally these would be used for issuing certs to the end user or computer, not for CA servers.

In your case you would want to use the registry settings and renew.

Random Solutions

Configuring a 2811 router to acts as Call Manager for VoIP with 7940

FTP connection problems with nas

Problems occurred when invoking code from plug-in: "org.eclipse.jface".

Port 3268 on Windows 2000 PDC not listening

Unable to wirelessly sync contacts, tasks, calendar and email with Exchange 2003.

Cisco ASA5510 - no DNS for VPN clients

Routing packets to different gateways

CISCO Password Recovery - %AAAA-3-INVSTATE:unknown

Cannot browse to intranet web site. problems with hosts file?

Is it possible to have a Wired and Wireless network where the wired network is local only and the wireless provides internet access?