Re: Can MS Certificate Services create Subordinate CA Certificate?
From: ohaya (ohaya_at_cox.net)
Date: 03/04/05
- Previous message: RQ: "Re: Has anyone seen this "Alert"?"
- In reply to: David Cross [MS]: "Re: Can MS Certificate Services create Subordinate CA Certificate?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 03 Mar 2005 18:01:42 -0500
David,
Thanks for the link. It'll take a bit of juggling on my part, but we
have some W2K3 systems around that I can use for this.
It looks like I have a bit of reading to do :), but I did a quick scan
of that article, and I think it has the info I need. From what I can
tell, it appears that the main problem with the "vanilla" Cert services
configuration is that the re-signed subordinate CA cert didn't have the
"BasicConstraints", I think, which is probably understandable from a
security standpoint.
Jim
"David Cross [MS]" wrote:
>
> It should be possible to make this work with Windows 2000, but it may be
> easier with Windows Server 2003. Here is a whitepaper to help you:
>
> Cross-certification and Qualified subordination whitepaper:
> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/ws03qswp.mspx
>
> --
> David B. Cross [MS]
> --
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
- Previous message: RQ: "Re: Has anyone seen this "Alert"?"
- In reply to: David Cross [MS]: "Re: Can MS Certificate Services create Subordinate CA Certificate?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
