Re: x509 certs for Wyse terminals and printers



Yeah but I (a user) am trying to create a wks cert. I can do it for a web
server, why not a wks? :-)

Anyway, I'm a bit closer now and heading in the right direction. Thanks guys.

F.

"Brian Komar (MVP)" wrote:

They are not domain members. If I remember correctly, you need to request
user certificates for the device.
You also have to decide whether to request one certificate per, or to
implement a common certificate that is burned into the image of the
terminal.
In either case, you need to save the certifciate and key pair in to the
permanent RAM of the system.
It will not appear in the Web page as you are connecting as a user and the
workstation auth is a computer certificate only for computers with accounts
in AD.
BRian

"Ferg" <Ferg@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:0D1BFCA2-6BDB-4D6D-BFCB-6BE2AC03A41E@xxxxxxxxxxxxxxxx
Thanks for the reply Brian,

Network has 802.1x so we need to have certs for authentication on the
network. The workstations are enrolled automatically but these other
devices
that can't create the certs themselves must have them created for them.

I would imagine we can use the Workstation template, but I've not worked
out
how to create one of these manually (it doesn't show up from the drop-down
list when I select "Advanced Certificate Request".

Ferg.

"Brian Komar (MVP)" wrote:

What do you plan to do with the certificate?
You need to provide way more details.
Brian

"Ferg" <Ferg@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:48886303-524E-4177-821B-1BFAC48C3CD8@xxxxxxxxxxxxxxxx
*****Additional post - is in General Discussion, but latterly found
this
NG*****
Hey folks,

I wonder what's the best way to go about creating certficates (from a
Win2003 CA) for non-domain devices - Wyse terminals and printers?

I guess I can create them from a WinXP client and import the pfx file
onto
the device, but would it need any more than that - a custom template or
so?

Cheers,

Ferg.





.



Relevant Pages

  • Re: Certificates, Autoenrollment, Credential Roaming and Users Personal Store
    ... If you are using certificate roaming there really is no need to enable the "Do not automatically reenroll if a duplicate ... What type of certs are you issuing? ... deleted from the user's personal store on a workstation. ...
    (microsoft.public.security)
  • Re: ADFS and Certificate Services
    ... ADFS even allows you to do client certificate ... Joe Kaplan-MS MVP Directory Services Programming ... We just want to be able to give out certs to our own ... sub-CA on the internet for employees to access remotely to get certs. ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADFS Proxy Cert issue
    ... know the command line for requesting a proper client certificate though. ... you would start getting these certs from the CA that you will ... FSP setup better. ...
    (microsoft.public.windows.server.active_directory)
  • Re: HP Procurve 2626 - port-based access IAS EAP-LTS doesnt work
    ... It depends on how you deploy EAP-TLS -- are you using computer certs ... The first thing is to make sure the client and user certificates are ... To configure the certs, you must open Certificate ...
    (microsoft.public.internet.radius)
  • Re: X509 Cert Services Cert
    ... oddest thing is that my Versign certs seem to work fine (with certificate ... for some reason cert service certs don't work for me. ... Ensure that the web service will have access to its private key in the ... > pressing Add, typing ASPNET, and then pressing OK. ...
    (microsoft.public.dotnet.framework.webservices.enhancements)