Hi Everybody,
today I've got a little question regarding automatic enrollment of user/computer certificates in Windows. I've got an existing Enterprise CA where the CRL Distribution Point via http is missing. Clients have already requested certificates automatically via group policy setting, so certs have been issued with this CRL mssing the right CRL Distribution Point.
After I've added the HTTP CRL Distribution now, how do clients get their new certificates with the right CRL Distribution Points? Do I only have to revoke their existing certificates, and the client requests a new one with the right CRL Distribution points? Is there an option to automatically let the client renew the certificate before it reached it's end date?
Thanks in advance for shedding some light.
Tom