Re: Microsoft CA not installing trusted root path in local computer store

From: krish shenoy[MS] (kshenoy_at_online.microsoft.com)
Date: 06/11/03

• Next message: krish shenoy[MS]: "Re: Certificate Services Error"
• Previous message: krish shenoy[MS]: "Re: Offline Root CA"
• In reply to: izael: "Microsoft CA not installing trusted root path in local computer store"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 11 Jun 2003 13:21:57 -0700

No. The CA should not automatically add itself to the trusted root store of
the local machine for security reasons

-- 
This posting is provided "AS IS" with no warranties and confers no rights.
Use of any included samples is subject to the terms specified at
http://www.microsoft.com/info/copyright.htm"
"izael" <izael.ochoa@reforma.com> wrote in message
news:d51193cc.0306111108.c04f65d@posting.google.com...
> Hi everyone, I have a problem with microsoft certificates,
>
> I installed a standalone root CA, I use it to validate vpn l2tp/IPSec
> conections, the problem is that when I try to install the root
> certification path for the CA in the client machine (XP or win 2000)
> using the web page, it is installed in te user certificates store, and
> not in the local computer certificates store. IPsec does not recognize
> the certificate if it isnīt in the local computer store, so the vpn
> conexion fails with error 786 (no valid certificate installed). I have
> to manually export the certificate to the trusted root certificates,
> in the local computer certificates store.
>
> Is there any why to make the CA server automatically install the
> certification path in the root directory of the local computer
> certificates store instead of the user certificates store?
>
> thanks in advance

---

• Next message: krish shenoy[MS]: "Re: Certificate Services Error"
• Previous message: krish shenoy[MS]: "Re: Offline Root CA"
• In reply to: izael: "Microsoft CA not installing trusted root path in local computer store"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages IIS - SSL - Root CA auto install ... installed as a ROOT CA. ... We have created all the certificates and stuff to enable ... on client computer. ... he wish to install it. ... (microsoft.public.inetserver.iis.security) Re: Programmatically installing Client Root Certificates ... You install root certificates into the "root" store. ... the certificate to the root store. ... (microsoft.public.platformsdk.security) Re: Enterprise root CA not re-trusted after manually deleted ... automatically installed into all computers' Trusted Root Certification ... Does it mean that the Enterprise Root CA's cert is installed ... If root CA certificates are distributed using autonenrollment (meaning you have ... a standard enterprise CA install, and you don't use group policy for ... (microsoft.public.windows.server.security) Re: Enterprise root CA not re-trusted after manually deleted ... it is not relevant whether there is the AEcache or not, I need to know whether one can be sure that the manually deleted root certs can automatically return or need a manual repair. ... If root CA certificates are distributed using autonenrollment (meaning you have ... a standard enterprise CA install, and you don't use group policy for ... To manually force a new download, delete the following registry key and all ... (microsoft.public.windows.server.security) Re: Squid Proxy server trouble: newsgroups & email OK, but no browsing ... The store log has been disabled. ... I am hesitant to install Core 2 due to space ... limitations, downloading time on a dialup connection, and possible ... [root@Blue root]# uname -a ... (alt.os.linux.redhat)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)