Is it possible to have each RDS session host automatically (renew) its RDS certificate?
I have created the RemoteDesktopComputers template in the Enterprise CA and went through the request certificate wizard on each session host. The proper template was found, I customized the CN and SAN to include the farm name as well as individual server names and it went through successfully, enrollment succeeded. I'm just looking to know if I can have these renew on their own instead of manual renewal when they get close to expiring. Would setting the auto-enroll security permission on the template do the trick?
Also, since the Subject name settings are set to "supply in request" and "use subject information from existing certificates for autoenrollment renewal requests", and I only allow the Terminal Servers group to enroll, auto-enroll, and read - is Requiring CA Certificate manager approval necessary in this scenario?
Thanks in advance.