Change the RootCA Validity Period
certutil -setreg ca\ValidityPeriod “Years”
certutil -setreg ca\ValidityPeriodUnits “10”
When new certificates are generated for the subordinate this will cause the default lifetime for the subordinates to have the same vailidity period as the root CA, therefore change the vailidity period on the subordinate.
Change the subordinateCA Validity Period
certutil -setreg ca\ValidityPeriod “Years”
certutil -setreg ca\ValidityPeriodUnits “1”