In GPO auto-enrollment enabled but other options not ticked(renewal for expired certificates and certificate distribution). In certificate template(computer template), under security tab I am seeing only read/write/enroll but no autoenroll(because it is a built in template v5.1). And CA issuing a computer certificate automatice.
By this april, huge number of certificates will start to expire, my question is, will auto renewal(need new keys) trigger for expiring certificate by current system. Or can we do revoke the expiring certificate and GPO will trigger to issue new certificate(auto enroll)?