The Encryption Management Server Administrator's Guide states that the Organization Key automatically renews itself one day before its expiration date.
However, while Encryption Management Server renews other managed keys one day before their expiration dates, it renews the Organization Key 31 days before its expiration date. By default, its expiration date will be updated to one year after the date it was renewed. Only the expiration date is modified, all other attributes remain the same.
Note that the Organization Certificate, if present, does not get renewed automatically. Once the Organization Key has been renewed, delete the Organization Certificate and create a new one. The new Organization Certificate will have the same expiration date as the renewed Organization Key.
Symantec Encryption Management Server release 3.4.2 and above.
If the Organization Key has not been renewed automatically 31 days prior to expiry, please contact technical support.
The Encryption Management Server Administrator's Guide will be corrected in a future release.