Some SCEP CA questions

From: Eric Chamberlain (eric.chamberlain_at_newsgroups.nospam)
Date: 04/22/04

    Date: Wed, 21 Apr 2004 18:06:39 -0700
    
    

    I've installed the SCEP add-on on a test enterprise subordinate CA. After
    generating some certificates, I'm wondering if it is better for a CA with
    the Simple Certificate Enrollment Protocol (SCEP) Add-on for Certificate
    Services to be a standalone root CA? I don't see a good way to link an
    issued certificate with the user account that requested the enrollment
    challenge password. All the certificates are processed with the SCEP
    service account. We need a way to trace an inappropriately used
    certificate back to the userID that requested the certificate. Are we just
    stuck with a manual approval process? Our implementation needs to scale to
    60,000 users.

    Is it possible to change the template that the mscep.dll uses when issuing
    certificates?

    Can mscep.dll be installed on an RA instead of a CA?

    Is the source code or sample code available, if we need further
    customizations?

