
How to renew certificates??

unclerico_
New Contributor

How to renew certificates??

Running SA2500 on 7.1R1.1 with host checker policy set to look for machine cert and realm authentication looking for user cert. My certs are coming up for renewal on 1/24 and am wondering how in the world my road warriors are going to be able to authenticate once I renew. The only thing I can think of is to disable the host checker policy and remove the client-side requirement so they can log in and refresh group policy so that the autoenrollment kicks off to automatically renew the certs. I can't be the only one that has run into this issue, so please, let me know how you solved it.

2 REPLIES
Lilja_
Frequent Contributor

Re: How to renew certificates??

I think this should work:

Add the new CA-cert as a "trusted for client authentication" certificate and add it to your host check rule. If you use CRL for your old CA, turn it off until all machines have been enrolled with a new certificate from the new CA.

unclerico_
New Contributor

Re: How to renew certificates??

Hey Lilja,

It ended up being really painless to do. I renewed all of my certs in the chain (even the root) and exported them to the IVE. I now have my old CA chain listed as well as my new CA chain listed. On 1/25 I'll delete my old one in order to clean up. OCSP and CRL are working as expected with the new certs. Thanks for the feedback.
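
The overlap window described in this thread, as an added example that is not part of the original posts or of the IVE's own configuration: `openssl verify` stands in for the gateway's trusted client CA list and shows which client certificates are accepted while both chains are trusted and after the old one is deleted. It assumes the old and new CAs are separate CAs, as in Lilja's reply; the CA names, client names and lifetimes are constructed for the demo.

```shell
#!/usr/bin/env bash
# Constructed demo of a client-CA rollover window. All names and lifetimes are made up.
set -u
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_ca <name>: create a self-signed CA certificate and key.
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# issue_client <client-name> <ca-name>: issue a client certificate from that CA.
issue_client() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/$1.csr" -CA "$WORK/$2.pem" -CAkey "$WORK/$2.key" \
    -CAcreateserial -days 7 -out "$WORK/$1.pem" 2>/dev/null
}

# trusted <bundle> <client-name>: exit 0 if the client cert chains to a CA in the bundle.
trusted() {
  openssl verify -CAfile "$WORK/$1" "$WORK/$2.pem" >/dev/null 2>&1
}

make_ca old-ca
make_ca new-ca
issue_client laptop-not-renewed old-ca   # autoenrollment has not run yet
issue_client laptop-renewed new-ca       # already holds a cert from the new CA

# Trust list during the overlap (both chains) and after the old chain is deleted.
cat "$WORK/old-ca.pem" "$WORK/new-ca.pem" > "$WORK/overlap.pem"
cp "$WORK/new-ca.pem" "$WORK/after-cleanup.pem"

for bundle in overlap.pem after-cleanup.pem; do
  for client in laptop-not-renewed laptop-renewed; do
    if trusted "$bundle" "$client"; then result=accepted; else result=REJECTED; fi
    printf '%-18s %-20s %s\n' "$bundle" "$client" "$result"
  done
done
```

The only rejected combination is the client still holding an old-chain certificate once the old chain has been removed, which is the case to rule out before doing the cleanup.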