000021330 - How to configure the Certificate Renewal Policy

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021330
Applies ToKeon Certificate Authority 6.0.2
IssueHow to configure the Certificate Renewal Policy
ResolutionIn addition to the KCA documentation, use this procedure to configure the Certificate Renewal Policy used by KCA to renew certificates:

1. Go to the "CA Operations" workbench in the KCA Administrative Web interface

2. On the left pane, select the CA that will be configured from the cascading list

3. On the right pane, under the "Jurisdiction Configuration:" heading, select the Jurisdiction to be configured and click on "Configure"

4. Under the "Sections" heading, select "Certificate Renewal Policy"

5. The available options to configure are:

 a. General Renewal Policy:
  - Cannot renew at all
  - Can only renew unexpired certificate
  - Can renew expired or unexpired certificate

 b. Renewal period (0 minutes to six months prior to the expiry date)

 c. New validity start date:
  - The date that the certificate is renewed
  - The expiry date of the original certificate

 d. New validity period:
  - Use certificates current validity period
  - Set new validity period (from validity start date)

6. Finally, click on "Save" or "Save and Exit"
Legacy Article IDa14721

Attachments

    Outcomes