RE: Generate CSR for web srv cert with email address via IIS5?
From: Mike Lagase [MS] (mikelag@online.microsoft.com)
Date: 11/11/02
- Next message: Tim Greene: "RE: Diffie-Hellman Key Exchange Algorithm"
- Previous message: edgar: "ldap over ssl"
- In reply to: Rashii: "Generate CSR for web srv cert with email address via IIS5?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: mikelag@online.microsoft.com (Mike Lagase [MS]) Date: Mon, 11 Nov 2002 20:44:08 GMT
If you have a Microsoft Enterprise Root CA installed in your Active
Directory domain, then when you request a certificate from this CA. In the
new certificate, the Subject Alternative Name will have your Principal Name
embedded in the certificate. This is your UPN logon in the Active
Directory. This will allow implicit logons using client certificates in
your AD without the need for adding a Name mapping in the Active Directory.
More information on this UPN mapping can be found at
http://www.microsoft.com/windows2000/techinfo/planning/security/mappingcerts
.asp
Hope this helps.
Mike Lagase
Microsoft Internet Server Support.
- Next message: Tim Greene: "RE: Diffie-Hellman Key Exchange Algorithm"
- Previous message: edgar: "ldap over ssl"
- In reply to: Rashii: "Generate CSR for web srv cert with email address via IIS5?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
