Thank you Brian. I test two ways and both works.
--
Unai Castro
MCP Windows 2003, XP, Exhcange 2003
"Brian Komar (MVP)" wrote:
> There are two different ways used:
> 1) Verify that the clm.config.exe.config file references the correct CSP
> used for the agent certificates (You may change it if using an HSM to
> protect the keys). Then run the configuration wizard again. This does
> involve retyping all agent passwords, but will issue new certificates for
> the three agent accounts. The wizard will update the web.config file. You
> will have to verify that the correct KRA certificates is available at all
> enterprise CAs in the environment. (and may have to delete the
> expired/expiring certificate).
>
> 2) Log in as each clmAgent and renew the certificate manually. Once renewed,
> you must update the web.config file with the new thumbprint of the new
> certificates. Pnly the clmenrollagent and clmagent accounts have references
> in the web.config file. The key is to search for the words "hash" and
> "hashes". In the case of "hash", replace the current value with the new
> thumbprint (removing the spaces). In the case of hashes, add the new
> thumbprint (removing the spaces), separated by commas (may be semi-colons,
> check the comments above the line.
>
> HTH,
> Brian
>
> "Unai Castro" wrote in message
> news:BD16F15E-2D0E-4719-96B1-441F5723552B@microsoft.com...
> > Hello,
> >
> > What happend when clm users (clmagent, clmkragent and clmenrollanget)
> > certificates expired? CLM can renew this users certificates or I need
> > request
> > renew for this users?
> >
> > Regards,
> > --
> > Unai Castro
> > MCP Windows 2003, XP, Exhcange 2003
>
>