Hi,
Following is the infrastructure of my network
root domain: abc.co.uk
1x Server 2008 R2 DC
1x Server 2012 R2 DC
child domain1: domain1.abc.co.uk
2x Server 2008 R2 DC
child domain2: domain2.abc.co.uk
2x Server 2008 R2 DC
child domain3: domain3.abc.co.uk
1x Server 2008 R2 DC
1x Server 2012 R2 DC
Going through MMC >> Certificates (Local Computer) >> Personal >> Certificates on each Server 2008 R2 domain controllers, A certificate (Client Authentication, Server Authentication) has been expired. These expired certificate says they have been issued by "ABC Root CA". From one of the DC if I run "certutil -config - -ping" command then it shows following Certificate Authority:
DOMAIN1 Root CA - DC1.domain1.abc.co.uk
DOMAIN2 Root CA - DC1.domain2.abc.co.uk
DOMAIN3 Root CA - DC1.domain3.abc.co.uk
All the above three DCs used to be Server 2003 and they dont...