Hi All,
The scenario here is, We have policy of issuing the server certificates with the validity of 4 years (due to some internal restrictions). Currently the Subordinate CA certs are expiring soon by Sep 2017 i.e. less than 3 years.
The challenge here is If we renew the existing Subordinate CA certs, then we need to reissue all certificate issued so far. Which we don't want to do and not an option right now. or is there any alternatives/ Just renewing existing certs by retaining the existing Private keys, will it work ?
another option having the 3rd Subordinate cert with min validity of 4 year and use it till the other 2 certs expiry date?
Please Suggest
Thanks in advance
Prasad