In my previous job as a hired consultant I generally wanted the Lync/Skype for Business servers to have certificates lasting beyond the two year default validity period. Why? Because I, along with the customer, would consider a Lync or Skype for Business solution to have a horizon stretching beyond two years – and therefore issuing a certificate that would expire only after two years would be meaningless.
There are a few things more to this than just creating a template that will allow you to issue a certificate with more than 2 years validity, like the default web server template. While setting up a CA in an external test environment I had to revisit this subject and it had me searching for Jeff Guillet’s nice article on the matter:
http://www.expta.com/2010/08/how-to-create-certificates-with-longer.html
With just these few and simple steps you can easily control the validity of certificates by adjusting the templates accordingly.
All credits to Jeff!
Rune's blog about things I see and UC 
Reblogged this on Universal Communications, My experiences. and commented:
Nice post, should be carried out in every environment where internal certificates are in use. Having the Lync/Skype for Business service beeing interrupted every second year because of short term internal certificates is nothing else but annoying.