Hello, first off, this is a legacy machine and will be phased out in the coming months. In the mean time, I want to do some testing with email encryption. I remember in the past that I was able to go through the certsrv interface and get a user certificate and use that with email, however when I create the certificates now, it uses the old, expired CA certificate instead of the new one.
I tried removing the old one and all sorts of heck broke loose (CA service wouldn't start). I tried then reinstalling the old certificate and it still wouldn't start. I'm currently restoring from backups from this morning and thought I might turn to the community to help.
So my question boils down to: how do force user certs to be issued using the non expired certificate?
Thanks