Cross Forest CA Implementation
From: Benkman (Benkman_at_discussions.microsoft.com)
Date: 10/07/04
- Next message: Ernst Murnleitner: "Re: Permissions on a removable media"
- Previous message: Joe Richards [MVP]: "Re: Lock Computer withour revealing user name?"
- Next in thread: Paul Adare - MVP - Microsoft Virtual PC: "Re: Cross Forest CA Implementation"
- Reply: Paul Adare - MVP - Microsoft Virtual PC: "Re: Cross Forest CA Implementation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 6 Oct 2004 23:21:02 -0700
Hello,
I've got an interesting scenario that I'd appreciate any feedback on :).
Two Forests: 1 Windows 2000 (Corporate) , 1 Windows 2003 (Ecommerce)
Required: Client Certificate Authentication of an IIS 5 Server in the
Windows 2000 Forest to an IIS 6 Server in the Windows 2003 Forest.
The current intention is to create an Offline RootCA, publish this to the
Windows 2000 AD. An Windows 2000 Enterprise Subordinate in this forest would
then be comissioned for computer certs.
To meet the above approach I was considering inserting multiple LDAP CDP's
in the RootCA cert and also the subordinate cert.
We could then publish these to the Windows 2003 AD as well as the CRL's, as
required.
Thoughts or other approaches to the cross-forest conundrum?
Thanks,
Benkman.
- Next message: Ernst Murnleitner: "Re: Permissions on a removable media"
- Previous message: Joe Richards [MVP]: "Re: Lock Computer withour revealing user name?"
- Next in thread: Paul Adare - MVP - Microsoft Virtual PC: "Re: Cross Forest CA Implementation"
- Reply: Paul Adare - MVP - Microsoft Virtual PC: "Re: Cross Forest CA Implementation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
