Certificate Server
From: Mike Benner (mbenner@airmail.net)
Date: 10/02/02
- Next message: Simone: "System blocked on beginning for 5 minutes"
- Previous message: Mathias: "Set up policies on client computers"
- In reply to: Chris Hankins: "Certificate Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Mike Benner" <mbenner@airmail.net> Date: Tue, 1 Oct 2002 23:11:58 -0700
I'll hazard a guess. The answer depends on wheather or
not you've installed a root CA or a subordinate CA. I'm
going to guess you have a subordinate CA and need a
certificate installed so that the services will operate
properly. To see if this might be the case open the MMC
CA snapin to see if the CA has a green check mark next to
it's name. If it doesn't you may just need to generate a
certificate request for the CA. To do this right click on
the name of the subordinate CA. This will give you a menu
with an option to request a certificate, either from a
machine that's online or from a machine that's offline.
Follow the wizards instructions for generating a request
file. The request in this file can be pasted into an
advanced certificate request form if you're running a
Microsoft CA, or if you want to get a certificate from a
third party such as Verisign you can past this request
into their request form. Once you have the new cert go
back to the MMC Certificate snapin and install the new
certificate. At this point you should be able to start
the certificate services and request new certs.
If this is a root CA you'll need to generate a self signed
certificate and install that on the macine.
Hope this helps. If this is not what you needed you can
contact me at mbenner@airmail.net.
One final thought. For security and operational reasons I
wouldn't run anything on a CA other than the CA software.
If there's a way you can afford to let this machine be a
CA and only a CA you'll be better off.
Regards
Mike Benner
>-----Original Message-----
>I have recently installed a stand alone CA on a Windows
>Update Server for our internal network. This box is a
>Win2k server with SP3 installed. When a user does a
>request for a new certificate one recives the error:
>
>Failed to create 'CertificateAuthority.Request' object.
>
>I have removed and reinstalled the certificate services
>and replaced SP3 on the box after the installs. I still
>recieve this error. Before I could get this far I had to
>install q323172 to get it to process the request. I have
a
>feeling that the patch is what is keeping it from working
>but not going to bet the farm on it. Has anyone had this
>problem and fixed it. Please let me know all ideas are
>welcome at this point.
>
>Thanks
>
>Chris Hankins, CCNA,MCP,MCSA
>LAN Administrator
>Nexiq Technologies, Inc.
>hankins@nexiq.com
>.
>
- Next message: Simone: "System blocked on beginning for 5 minutes"
- Previous message: Mathias: "Set up policies on client computers"
- In reply to: Chris Hankins: "Certificate Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
