Hi,

in most Active Directory Enviroments the Certificate Enrollment is active which generates and enrolls a certificate for each client. This can be used for Radius authentication or as certificate for an IIS webserver.

Typically the client renews this certificate itself.
Continue reading Windows: Renew a machine certificate →