My WSUS self-signed certificate is expiring later this year. In preparation for this I have gone through the procedure again and now have a certificate valid until sometime in 2022.
I have pushed out the new certificate alongside the old one in my Group Policy, and have successfully published and deployed updates using this new certificate.
In a few months, when the old certificate has expired, I expect that if I were to build a new machine from my standard image and attempt to update it, I would have updates fail to install which were signed with the old certificate. If this is indeed the case, what would be the proper method for re-publishing those old but still valid updates when the time comes? Or, is the certificate still considered valid based on it's being valid on the date it was used to sign the update package?
I have pushed out the new certificate alongside the old one in my Group Policy, and have successfully published and deployed updates using this new certificate.
In a few months, when the old certificate has expired, I expect that if I were to build a new machine from my standard image and attempt to update it, I would have updates fail to install which were signed with the old certificate. If this is indeed the case, what would be the proper method for re-publishing those old but still valid updates when the time comes? Or, is the certificate still considered valid based on it's being valid on the date it was used to sign the update package?