Renew a Certificate with the Same Key

  • Article

Applies To: Windows Server 2008

Renewing a certificate with the same key allows you maximum compatibility with past uses of the accompanying key pair, but does nothing to enhance the security of the certificate and key pair.

Users or local Administrators are the minimum group memberships required to complete this procedure. Review the details in "Additional considerations" in this topic.

To renew a certificate with the same key

  1. Open the Certificates snap-in for a user, computer, or service.

  2. In the console tree, click Certificates - Current User, select Personal, and click Certificates.

  3. In the details pane, click the certificate you are renewing.

  4. On the Action menu, point to All Tasks, select Advanced Operations, and then click Renew this certificate with the same key to start the Certificate Renewal Wizard.

  5. If more than one certificate is listed in the Request Certificates window, select the certificate that you want to renew. Do one of the following:

    • Use the default values to renew the certificate.

    • Click Details and then Properties to provide your own certificate renewal settings. You need to know the certification authority issuing the certificate.

  6. Click Enroll. After the Certificate Renewal Wizard has successfully finished, click Finish.

Additional considerations

  • User certificates can be managed by the user or by an administrator. Certificates issued to a computer or service can only be managed by an administrator or user who has been given the appropriate permissions.

  • To open the Certificates snap-in, see Add the Certificates Snap-in to an MMC

  • Once renewed, the old certificate will be archived.

  • You can use this procedure to request certificates from an enterprise certification authority only. To request certificates from a stand-alone certification authority, you need to request certificates by means of Web pages. A Windows certification authority has its Web pages located at https://servername/certsrv, where servername is the name of the server that hosts the certification authority.