Shared Certificate Store in Active Directory
From: Steve Buckley (anonymous_at_discussions.microsoft.com)
Date: 12/24/03
- Previous message: Fred Yarbrough: "Best Way to Change Password via the Web?"
- Next in thread: David Cross [MS]: "Re: Shared Certificate Store in Active Directory"
- Reply: David Cross [MS]: "Re: Shared Certificate Store in Active Directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 24 Dec 2003 14:42:21 -0800
WARNING - This question is not as easy as it may first
seem, this is a repost of a question originally asked in
the Active Directory forum.
How do you configure a "Shared Certificate Store" in
Active Directory so you can make Certificates and their
associated Public Keys available to members of the
Enterprise, for example to enable IPSec encryption using
Certificates rather than Kerberos?
They are clearly stored *somewhere* already as they are
visible against the user/machine accounts in the Active
Directory Users & Computers MMC.
The CDP container only contains the CRL object - where is
the actual store and how do you set permissions on it?
Or do you have to create one somehow?
I have been puzzeling over this one for a good 6 months -
if someone comes back to me with click on "Allow
certificates to be published in Active Directory" I'll
slap them for not reading my question.
.
The answer to this question does not appear to be in any
of the Microsoft Security MCSE core texts or Technet.
- Previous message: Fred Yarbrough: "Best Way to Change Password via the Web?"
- Next in thread: David Cross [MS]: "Re: Shared Certificate Store in Active Directory"
- Reply: David Cross [MS]: "Re: Shared Certificate Store in Active Directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
