I have a client that is running their own AD CS, on Server 2008 R2 Datacenter. I can request certificates, but I need to get some very specific certificates for a FortiGate / FortiClient to work correctly with the certificates.
As it sits, for each client, I need to download the CA Certificate, in Base64 format, and install into "Trusted Root Certificate Authorities / Certificates". I then need to go back on, and request a user certificate (High grade), which seems to then install into my browser (Firefox). I then need to import it back into the system, where it now will go into my Windows certificates.
If there is any way to simplify this into a custom certificate request, or to make available a choice when connected to the CA Server's webpage (such as a button choice for "ForticClient certificate request), that downloads both of the necessary certificates in one step? Or is there anything I can do with any sort of script?
The second part to my question is that their certificates are set for 1-year expiration - is there any easy way to auto-renew these, perhaps when the certificate is 10 days away from expiration, or do these certificates need to be re-requested by each client?
Thank you for any replies / advice.