
Certificate renewal with internal Microsoft CA

lzamp
Mega Contributor

Is it possible to configure certificate renewal tasks, with target to an internal Microsoft CA?

1 ACCEPTED SOLUTION

Matthew_13
Mega Sage

Hi My Friend,

Yes, this is possible, but it isn’t something ServiceNow supports out of the box with a simple setting. Renewal tasks can be created automatically, but integrating them with an internal Microsoft CA (AD CS) requires some form of automation or integration.

Typically, the approach is:

  • ServiceNow generates the renewal task when a certificate is nearing expiration.

  • A workflow or integration submits the CSR to the internal Microsoft CA.

  • The CA issues the renewed certificate.

  • ServiceNow retrieves and updates the certificate record.

This is usually done through a MID Server with PowerShell, Microsoft CA enrollment web services, or SCEP/NDES, depending on how your AD CS environment is set up.

If renewal today is manual, you can still route tasks to the PKI team without integration. Full automation, though, requires connecting ServiceNow to the internal CA.

@lzamp - If this helps answer your question, please mark Solution Accepted and Thumbs Up

MJG
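One way the submit-and-retrieve steps in the answer above could look as a PowerShell script run on the MID Server, added here as an example (not code from the original post or from ServiceNow). It uses the built-in `certreq.exe`; the CA config string, template names, parameter names and JSON field names are assumptions.

```powershell
# Added example; runs on the MID Server host. CA config string, template names
# and JSON field names are assumptions, not values from ServiceNow or the post.
[CmdletBinding()]
param(
    [Parameter(Mandatory)][string]$CsrPath,   # PKCS#10 request attached to the renewal task
    [Parameter(Mandatory)][string]$Template,  # AD CS template requested by the task
    [string]$CaConfig = 'CA-HOST.example.internal\Example-Issuing-CA',  # placeholder
    [string]$OutDir   = (Join-Path $env:TEMP 'cert-renewal')
)
$ErrorActionPreference = 'Stop'

# Constructed allowlist: a task field must not be able to select an arbitrary template.
$AllowedTemplates = @('WebServer-Auto', 'InternalTLS-Auto')
if ($Template -notin $AllowedTemplates) { throw "Template '$Template' is not allowlisted" }
if (-not (Test-Path -LiteralPath $CsrPath -PathType Leaf)) { throw "CSR not found: $CsrPath" }

New-Item -ItemType Directory -Path $OutDir -Force | Out-Null
$certPath = Join-Path $OutDir ('{0}.cer' -f [guid]::NewGuid())

# -q suppresses dialogs so the call cannot block a non-interactive MID Server session.
$submit = (& certreq.exe -q -submit -config $CaConfig -attrib "CertificateTemplate:$Template" $CsrPath $certPath | Out-String)
$exitCode  = $LASTEXITCODE
$requestId = if ($submit -match 'RequestId:\s*"?(\d+)') { [int]$Matches[1] } else { $null }

$result = [ordered]@{ status = 'failed'; request_id = $requestId; ca_output = $submit.Trim() }
if ($exitCode -eq 0 -and (Test-Path -LiteralPath $certPath)) {
    # Read the issued certificate so the certificate record can be updated from real values.
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($certPath)
    $result.status        = 'issued'
    $result.serial_number = $cert.SerialNumber
    $result.thumbprint    = $cert.Thumbprint
    $result.valid_to      = $cert.NotAfter.ToUniversalTime().ToString('o')
    $result.subject       = $cert.Subject
}
elseif ($requestId -and $submit -match 'pending') {
    # Template requires CA manager approval (matches English certreq output).
    $result.status = 'pending'
}
# Single JSON line on stdout for the calling workflow to parse.
$result | ConvertTo-Json -Compress
```

For a `pending` result, a later run can fetch the certificate with `certreq -retrieve -config <CAConfig> <RequestId> <file>` once the PKI team has approved the request.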


5 REPLIES

lzamp
Mega Contributor

Hi Matthew, 

thanks for the great answer.

A follow-up question:

Sometimes, the CSR needs to be "freshly" generated at the application side. Can this step be somehow integrated too?

Thanks

Leandro