How to configure the Certificate Renewal Policy
Originally Published: 2003-01-10
Article Number
Applies To
Issue
Resolution
1. Go to the "CA Operations" workbench in the KCA Administrative Web interface
2. On the left pane, select the CA that will be configured from the cascading list
3. On the right pane, under the "Jurisdiction Configuration:" heading, select the Jurisdiction to be configured and click on "Configure"
4. Under the "Sections" heading, select "Certificate Renewal Policy"
5. The available options to configure are:
a. General Renewal Policy:
- Cannot renew at all
- Can only renew unexpired certificate
- Can renew expired or unexpired certificate
b. Renewal period (0 minutes to six months prior to the expiry date)
c. New validity start date:
- The date that the certificate is renewed
- The expiry date of the original certificate
d. New validity period:
- Use certificates current validity period
- Set new validity period (from validity start date)
6. Finally, click on "Save" or "Save and Exit"
Related Articles
Error: 'Unable to install the certificate. Error code: 80004005' ; certificate renewal fails for encryption certificate to… Number of Views Endpoint Agents Certificate Renewal Pending error in RSA Data Loss Prevention 9.6 and later Number of Views Certificate renewal to hardware storage device such as a USB token Number of Views Error: 'VBScript: certificate renewal' appears when installing a certificate using Microsoft Internet Explorer 6.0. An err… Number of Views All endpoint agents' status went to error with “Certificate Renewal Pending” in RSA DLP Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager 8.9 Release Notes (January 2026) Supported On-Demand Authentication (ODA) SMS providers for use with RSA Authentication Manager 8.x Deploying RSA Authenticator 6.2.2 for Windows Using DISM
Don't see what you're looking for?
