Re: Key Recovery Agent in .NET CA
From: D. Cross (vaq130@alias.hotmail.com)
Date: 06/28/02
- Next message: Keith W. McCammon: "Re: IP GAPPING - Tricky one"
- Previous message: Michel Gallant: "Re: Key length question"
- In reply to: Rene: "Re: Key Recovery Agent in .NET CA"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "D. Cross" <vaq130@alias.hotmail.com> Date: Fri, 28 Jun 2002 07:15:07 -0700
I search on "version 2 templates" and this is the first hit in the search
list:
Version 2 certificate templates
Windows .NET Enterprise Server and Windows .NET Datacenter Server
certification authorities support two types of certificate templates:
version 1 and version 2. Version 2 templates are new to Windows .NET Server
family. They allow customization of most settings in the template. Several
preconfigured version 2 templates are supplied in the default configuration,
and more can be added as necessary. This allows complete configuration
flexibility for administrators.
Version 2 templates are only available as part of a certification authority
installed as an enterprise certification authority. For that reason, they
require Active Directory. Although Version 2 templates can be created and
duplicated in Windows .NET Server family, certificates based on Version 2
templates can only be issued by a certification authority running Windows
.NET Enterprise Server or Windows .NET Datacenter Server.
-- David B. Cross [MS] -- This posting is provided "AS IS" with no warranties, and confers no rights. "Rene" <rene.brutschin@trivadis.com> wrote in message news:1355201c21e78$f1536b40$19ef2ecf@tkmsftngxa01... I've read the server help files again. All what I've found is this: "You must have a Windows .NET Server family domain controller. The Windows .NET Server family domain controller must also be configured as an enterprise root or subordinate CA." Sorry, but I cannot find this chapter you are mentioning. >-----Original Message----- >No, what I mean is that Windows .NET Server Enterprise Edition with a CA >installed as an enterprise CA supports v2 templates. > >This is documented in the server help files. > >-- > >David B. Cross [MS] > >-- >This posting is provided "AS IS" with no warranties, and confers no rights. > >"Rene" <rene.brutschin@trivadis.com> wrote in message >news:12fb901c21de0$e87d49c0$19ef2ecf@tkmsftngxa01... >> David, >> >> Thanks, but I cannot find the information that version 2 >> templates are only supported from .NET server enterprise >> edition. What they mean is that only an Enterprise CA >> supports version 2 templates. >> >> Rene >> >> >> >-----Original Message----- >> >are you running an enterprise edition version of >> Windows .NET Server? >> > >> >version 2 templates may only be used by servers running >> enterprise edition >> > >> >http://www.microsoft.com/windowsxp/pro/techinfo/planning/p >> kiwinxp/default.as >> >p >> > >> >-- >> > >> >David B. Cross [MS] >> > >> >-- >> >This posting is provided "AS IS" with no warranties, and >> confers no rights. >> > >> >"Rene" <rene.brutschin@trivadis.com> wrote in message >> >news:fdf701c21b6f$96dcae80$36ef2ecf@tkmsftngxa12... >> >> I am trying to set up the new Key Recovery Feature >> >> from .NET Certificate Services (Windows .NET Server >> >> Standard Build 3604) but I cannot configure the >> Enterprise >> >> CA certification authority to issue Key Recovery Agent >> >> certificates. >> >> >> >> When I right-click Certificate Templates in the MMC and >> >> then "New" there are only Version 1 Templates visible. >> The >> >> desired Version 2 Template "Key Recovery Agent" is not >> >> there. >> >> >> >> Any ideas? >> >> >> >> Thanks >> >> Rene >> >> >> >> >> >> >> > >> > >> >. >> > > > >. >
- Next message: Keith W. McCammon: "Re: IP GAPPING - Tricky one"
- Previous message: Michel Gallant: "Re: Key length question"
- In reply to: Rene: "Re: Key Recovery Agent in .NET CA"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
