Re: Can I publish a certificate to a network location

From: David Cross [MS] (dcross@online.microsoft.com)
Date: 02/26/03 

From: "David Cross [MS]" <dcross@online.microsoft.com>
Date: Wed, 26 Feb 2003 05:27:12 -0800

Is the web server part of the same domain/forest?

does the CA machine account have WRITE access to that share?

you need a file path in the extensions (like file:\\web server\share name\)
to the web server to have the CRL published there but don't include that
path in the certificates (CDP) extension. only publish the CRL using that
path

and then you have a http:// path that points to that file location that does
go into the CDP extension

that is what you need to do, I hope that makes sense. 

--
David B. Cross [MS]
--
This posting is provided "AS IS" with no warranties, and confers no rights.
http://support.microsoft.com
"Stewart tebay" <stewart@tebay.net> wrote in message
news:064e01c2dcea$e95c3f30$2f01280a@phx.gbl...
> With the checkpoint problem of not being able to read from
> LDAP, we want to publish the certificates to a http
> location.
>
> Normally certificates are published to
> http://%server_dns_name/certenroll/%ca_name%%
> crl_suffix%.crl
>
> so, with iis being on the same box certs are available
> from a http location.  this works file.
>
> However i am trying to publish the certs on a different
> server and so an attempting
> http://otherserver_FQDN/certenroll/%ca_name%%
> crl_suffix%.crl
> but this fails out with a error 560 in eventvwr.
> i can browse to the web page and add / delete files from
> http through the browser, but when installing a cert, it
> does NOT place in the new http share.
>
> Now i tried to see if the cert would install on the local
> machine in a different share c:\cert - shared as cert.
> With file://\\server_fqdn\cert
> i can install the cert into this successfully.
> However if i try to send it to another server shaer
> file://\\other_server_fqdn\cert
> this fails again with a 560 error.
>
> It is by design that i cannot publish a cert to another
> server, be it http or file ?, or i am missing something ?
>
> Thanks in advance.
>
> Stewart

Relevant Pages

  • Re: RWW
    ... Once you hit the RWW page, you can install the cert in IE and the error ... If you are accepting SMTP mail at your server you can use the public DNS ... I can access my server using the WAN IP address on router. ... On the Web Server Cert page it looks like my Web server name: ...
    (microsoft.public.windows.server.sbs)
  • Re: Cant create cert request in IIS6
    ... > - If I try to import a cert from another web site I get close but then ... > to attach it to my web server I get access denied. ... >>>> create a Certificate request for my website I get all the way though ...
    (microsoft.public.inetserver.iis.security)
  • RE: HTTP Send Adapter Error 411
    ... I have never seen HTTP 411 with BizTalk or without. ... "Your Web server thinks that the HTTP data stream sent by the client (e.g. ...
    (microsoft.public.biztalk.general)
  • Re: Post SP1 Outlook over HTTP
    ... If you didn't export your certificate and reimport it at the server under ... When you get the Security warning select to install the cert ... > Outlook Web Access works fine. ... > over HTTP after ISA2004? ...
    (microsoft.public.windows.server.sbs)
  • Re: RWW
    ... Once you hit the RWW page, you can install the cert in IE and the error will ... If you are accepting SMTP mail at your server you can use the public DNS ... I tried setting up RWW but in the CEICW I cannot get access to my ... On the Web Server Cert page it looks like my Web server name: ...
    (microsoft.public.windows.server.sbs)