Hi,
I want to renew a user certificate with the same key pair (efs and authentication) which was created by using a enrollment certificate agent.
I want to use the same process whithout the ability for the end user to renew the certificate by himself.
When I try to renew the certificate with the same key, using enrollment agent account and certificate for signing, I have an error "invalid certificate attribute". I assume that te renewal has to be signed with the previous end user certificate.
If I choose the end user certificate for request signing, it's not accepted. I've checked the "valid certificate existence" for renewal in the template, but it seems that te renewal request has to be signed by the enrollment agent certificate. (no signing certificate accepted)
I tried to renew the certificate with another key pair, (enrollment agent certificate for signing). A new certificate is created, but for the enrollment agent account.
Is there a way to renew a certificate for an end user with the same key pair, using an enrollment agent certificate and account ?
Thanks for your help