S/MIME Certificate renewal in EX2K3 infrastructure

01/10/2008 - 14:31 von Andreas.Konrad | Report spam
Hi all,



I've implemented secure messaging as described here:
http://www.msexchange.org/tutorials..._2003.html



In my GPO I configured Autoenrollment and checked the two boxex "Renew
expired certificates..." and "Update certificates..."

The renewal period in my template is 6 weeks and the certificate expires
after one year.



Now I'm wondering why it is necessary to keep the old certificate in my
certificate store after getting a new one within the renewal period. If I
remove the old one I am not able to decrypt mails being encrypted by using my
old public key.

I thought the private key remains the same if the certificate is renewed and
I would be able to decrypt mails that are encrypted with both public keys -
the old and the new one.



Can anyone arrange my ideas? :-)



Thanks a lot

Andy
 

Lesen sie die antworten

#1 Jens Baier
01/10/2008 - 19:40 | Warnen spam
Hi,

I thought the private key remains the same if the certificate is renewed
and
I would be able to decrypt mails that are encrypted with both public
keys -
the old and the new one.



Der Private Key wird immer neu sein, bei einem neuen Cert.

Gruss Jens
www.it-training-grote.de/blog
www.it-training-grote.de
www.nt-faq.de

Ähnliche fragen