-----Original Message-----
microsoft.public.win2000.security
Two years ago, I configured a private CA store, the Root
CA certificate has expired, I've tried to renew but I
alwaus get Access Denied Errors, I found the following Q
articles but still no luck,,, any ideas ???
Tks
Is it an enterprise or a standalone CA. For a standalone CA, you must
be a local Adminstrator of the computer, and for an enterprise CA, you
must be a local Administrator and member of the Enterprise Admins.
Also, do you have a capolicy.inf file in the %windir%.
The CAPolicy.inf should have the following entries:
[certsrv_server]
renewalkeylength=2048
RenewalValidityPeriodUnits=20
RenewalValidityPeriod=years
These define the renewal private key settings.
Other settings are required and are discussed in the Best Practices WP
http://www.microsoft.com/technet/prodtechnol/windowsserve r2003/maintain/
operate/ws3pkibp.asp
Brian
.
