What controls the timing of the Windows Certificate Services event "Close to expiration" ID 1003?

bchen

7/18/23, 4:24 PM

I have a Windows Server which started logging this warning event 36/37 days before a certificate's expiry date and I would like to understand what controls/sets this timing and how it can be configured.

The certificate in question was not auto-enrolled.

Ultimately, I would like to use this event to send a notification X days before the cert is going to expire.

The source of this event in Event Viewer is CertificateServicesClient-Lifecycle-System>Operational

See here for more context: https://social.technet.microsoft.com/wiki/contents/articles/14250.certificate-services-lifecycle-notifications.aspx

0 + 0

windows-event-log

eventviewer

ad-certificate-services

windows-server-2019

Score:0

Server

Crypt32

7/18/23, 5:29 PM

The certificate is considered as "about to expire" in Windows after it reaches 90% of its validity. You can configure this in GPO as specified in referenced TechNet Wiki article's "Settings for Autoenrollment added to Group Policy" section: Computer/User Configuration, Windows Settings, Security Settings, Public Key Policies, Certificate Services Client - Auto-Enrollment.

0 + 0

bchen

7/21/23, 1:17 PM

Does that "log expiry events" setting in the Enrollment Configuration Policy apply for non auto-enrolled certificates like in my case? or if the GPO is not enabled?

bchen

7/21/23, 1:45 PM

I just checked and the server in question isn't in the scope of any of our auto enrollment policies. I'm speculating that 90% remaining validity might be a implicit default and I might need to have that GPO applied to the server to adjust it?

Crypt32

7/21/23, 2:46 PM

If policy is not applied, then 90% is default value.

bchen

7/25/23, 3:17 PM

Thanks! that bears out in my testing.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: What controls the timing of the Windows Certificate Services event "Close to expiration" ID 1003?

TH: อะไรควบคุมเวลาของเหตุการณ์ Windows Certificate Services "ใกล้จะหมดอายุ" ID 1003

RO: Ce controlează momentul evenimentului Windows Certificate Services „Aproape de expirare” ID 1003?

RU: Что управляет временем события службы сертификации Windows «Истечение срока действия близко к сроку действия» с идентификатором 1003?

VI: Điều gì kiểm soát thời gian của sự kiện Dịch vụ chứng chỉ Windows "Sắp hết hạn" ID 1003?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.