Configure a CAPolicy.inf file
From: Anette Andresen (anette_andresen_at_hotmail.com)
Date: 09/23/03
- Next message: V: "EFS"
- Previous message: Austin Henderson: "User Logon"
- Next in thread: Laudon Williams [MSFT]: "Re: Configure a CAPolicy.inf file"
- Reply: Laudon Williams [MSFT]: "Re: Configure a CAPolicy.inf file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 23 Sep 2003 16:37:42 +0200
I'm trying to install and configure a Windows Server 2003 Stand alone root
CA.
I have configured most of the CAPolicy.inf file the way I want it using
examples from
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/standard/sag_CS_Setup.asp
But there is two things I would like to configure:
1. The path length constraint, and
2. The key usage field
According to
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/deployguide/dssch_pki_mglu.asp
is it possible to configure the path length constraint using a CAPolicy.inf
file, but how is this exactly done? What should I write in my CAPolicy.inf
file?
And according to an earlier posting (from Michael Branco dated 2003-08-20)
concerning "Customizing the Root Certificate" the answer there was that
changing the key usage was possible with the use of a CAPolicy.inf file and
a link to a best practice document was given
(http://www.microsoft.com/technet/prodtechnol/windowsserver2003/maintain/ope
rate/ws3pkibp.asp)
But I can't find out how this is done, and again what should I write in my
CAPolicy.inf file if I in example just want the key usage to be certificate
signing and CRL signing?
Regards,
Anette Andresen
- Next message: V: "EFS"
- Previous message: Austin Henderson: "User Logon"
- Next in thread: Laudon Williams [MSFT]: "Re: Configure a CAPolicy.inf file"
- Reply: Laudon Williams [MSFT]: "Re: Configure a CAPolicy.inf file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
