Assume the following scenario:
- Client computers automatically obtain certificates from an Active Directory integrated certificate authority (Enterprise Certification Authority).
- Expiring certificates are renewed automatically when the clients are on the internal network.
- However, expiring certificates are not automatically renewed when clients are connected via Virtual Private Network (VPN).
- This can result in clients not renewing their certificate in time before it expires and no longer being able to connect to the VPN.