Re: Subordinate CA

From: Miha Pihler (mihap-news_at_atlantis.si)
Date: 10/15/04

• Next message: Sean: "RE: Subordinate CA"
• Previous message: Sean: "SSL security"
• In reply to: Sean: "Subordinate CA"
• Next in thread: Sean: "RE: Subordinate CA"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 15 Oct 2004 23:53:31 +0200

Hi Sean,

What version are your CA servers in question? Windows 2000? Are subordinate
CA servers Enterprise CA setup?

How was certificate issued to OWA? Using IIS or was it by web interface? If
certificate was imported to OWA manually was it marked as exportable before
it was imported?

Mike

"Sean" <Sean@discussions.microsoft.com> wrote in message
news:0BA15002-C6D3-418A-9F5C-90C1B87CEF0E@microsoft.com...
> Hi
>
> My company has an Enterprise Root CA in Colorado and many Subordinate CA
in
> its offices around the world.
>
> One of these offices having a Subordinate CA with the Enterprise CA in
> Colorado wants to use a certificate issued for this CA for a communication
> encrypted by SSL between an external OWA client and the external interface
of
> the ISA server. This office was able to set up a certificate on the OWA
> website from its Subordinate CA and the internall users are able to access
> OWA using https protocol.
> For the extenal access, this office wanted to export this certificate and
PK
> and then to import it into the ISA server certificate store, but they were
> not able to export the private key.
> My question is: Is possible use this Subordinate CA in order to get the
> certificate for the external OWA access? if so, what should they do in
order
> to get the private key?
> If not, should I install a new Enterprise root CA on the domain of this
> office?
> If I install this new Enterprise root CA on this office ... could this new
> Enterprise root CA cause some conflict with current Subordinate CA?
>
> Thank you for any thought about it
>
> Sean

• Next message: Sean: "RE: Subordinate CA"
• Previous message: Sean: "SSL security"
• In reply to: Sean: "Subordinate CA"
• Next in thread: Sean: "RE: Subordinate CA"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: W2K3 3-tier CA Implementation ... No matter what environment you are in, install a standalone ROOT CA. ... based on the standalone subordinate CA. ... I agree with issuing CAs being enterprise CAs. ... You do not use a certificate tempalte for the ... (microsoft.public.security) Re: How to determine Role on a installed CA? ... If you do you can be 100% sure you have Enterprise ... To see if it is subordinate or root, check your CA certificate... ... (microsoft.public.windows.server.networking) Which certificate do I have to deploy ? Root CA or Subordinate CA certificate ? ... we will have a Root CA and a subordinate CA (enterprise online integrated to AD). ... My question is which certificate should I have to deploy to my computer Trusted Root Certification Authorities Store? ... (microsoft.public.windows.server.security) Re: Subordinate CA ... Issue OWA it's own certificate on subordinate CA service. ... IIS wizard or web interface to issue new certificate to OWA. ... >> My company has an Enterprise Root CA in Colorado and many Subordinate CA ... (microsoft.public.win2000.security) RE: Subordinate CA ... OWA was certificate using IIS. ... It's not able to start after applying SP4 on Subordinate CA's DC ... ... should I install a new Enterprise root CA on the domain of this ... (microsoft.public.win2000.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint