15.7 Key and certificate update


To provide better security, cryptographic keys and certificates should be updated regularly. Windows supports both manual and automatic key and certificate updating.

In Windows Server 2003, automatic certificate update is available for both machine and user accounts. Machine and user certificates that are set up for automatic enrollment will also be automatically updated when the autoenrollment event occurs.

To update your proper user keys and certificates manually, you must use the Certificates MMC snap-in. You can choose to renew an existing certificate using the same keys or using a newly generated key pair.

The manual updating of the keys and certificates of a Windows Certification Authority requires a special procedure that is discussed in Chapter 16 when we discuss CA rollover.




Windows Server 2003 Security Infrastructures
Windows Server 2003 Security Infrastructures: Core Security Features (HP Technologies)
ISBN: 1555582834
EAN: 2147483647
Year: 2003
Pages: 137
Authors: Jan De Clercq

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net