I set up a Root CA with two intermediate CAs: one for SSL and one for VPN clients.
When I try to renew the root certificate (with 'replace old certificate' checked), I get the popup with "Succesfully created the certificate ... etc"
After I click OK on the popup, the old certificate is deleted.
It seems however that in that proces the link between Root CA and intermediate CAs is broken, and both intermediate CAs are now top level. When I right-click on the intermediate CAs, there is no 'renewal' option in the dropdown menu.
How can I renew the Root CA without breaking the link to the intermediate CAs?
Maybe I configured something wrong when building the root and intermediate certificates?
They have different private keys, different internal and common names, I set the basic constraints for all to CA, and key usage to Certificate Sign, CRL Sign. The intermediate CAs were signed with the root CA.
Thanks, Bart
I set up a Root CA with two intermediate CAs: one for SSL and one for VPN clients.
When I try to renew the root certificate (with 'replace old certificate' checked), I get the popup with "Succesfully created the certificate ... etc"
After I click OK on the popup, the old certificate is deleted.
It seems however that in that proces the link between Root CA and intermediate CAs is broken, and both intermediate CAs are now top level. When I right-click on the intermediate CAs, there is no 'renewal' option in the dropdown menu.
How can I renew the Root CA without breaking the link to the intermediate CAs?
Maybe I configured something wrong when building the root and intermediate certificates?
They have different private keys, different internal and common names, I set the basic constraints for all to CA, and key usage to Certificate Sign, CRL Sign. The intermediate CAs were signed with the root CA.
Thanks, Bart