Re: Standalone or Enterprise CA

From: Andy (newsposting_at_multizite.org)
Date: 03/05/05

  • Next message: fixer66: "Re: Being logged on as admin and user at the same time (in XP)?"
    Date: Sat, 5 Mar 2005 10:23:02 +0100
    
    

    OK. I've already done that and it works. But I encountered one problem.
    On the Exchange website, I've ticked the box that says you must have a
    client certificate to connect.
    >From one of my client machines, I request a client certificate and I'm able
    to connect. But, when I export this certificate to another user this user
    are not able to connect.
    The case is that we would like to make OWA available on the net, but our
    users mutst have a certificate with them and import this on the machine they
    are using to be able to connect.
    How do we achieve this?

    /Andy

    "Steven Umbach" <n9rou@n0spam-comcast.net> wrote in message
    news:%239jlgkTIFHA.1096@tk2msftngp13.phx.gbl...
    > You can still request and use certificates on computers that are not part
    > of the
    > Active Directory domain. You could request a certificate for a web server
    > via
    > Web Enrollment. Just be sure to enter the name of your website as the name
    > on
    > the certificate request. --- Steve
    >
    >
    > "Andy" <newsposting@multizite.org> wrote in message
    > news:OtIkGEQIFHA.2984@TK2MSFTNGP15.phx.gbl...
    >> And en enterprise CA will not be a problem for a webserver that is NOT
    >> part
    >> of the company A.D?
    >>
    >> /Andy
    >>
    >> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    >> news:OwPy$jPIFHA.580@TK2MSFTNGP15.phx.gbl...
    >> > "But, further down the road I consider to begin widespread use within
    >> > A.D." In such case it is a no brainier and you will want to use an
    >> > Enterprise CA. It will give you much more flexibility, particiaulary if
    >> > you are using Windows 2003 Server Enterprise as the operating system.
    >> > The
    >> > only issue with a public webserver is a matter of trust. If this web
    >> > server is going to be used only by your users or others that you can
    >> > distribute your Certificate Authority certificate to then your
    >> > Enterprise
    >> > CA will be fine. If this is a web server that will be available to the
    >> > public in general then you want to apply for and purchase a certificate
    >> > from one of the public PKI providers such as Verisign so that public
    >> > users
    >> > will trust your web server certificate. --- Steve
    >> >
    >> >
    >> >
    >> > "Andy" <newsposting@multizite.org> wrote in message
    >> > news:uWCbPnOIFHA.3608@TK2MSFTNGP14.phx.gbl...
    >> >> Hi
    >> >>
    >> >> I'm currently planning to set up a CA. But not quite sure if it would
    >> >> be
    >> >> best to use a standalone root CA, or a Enteprise CA. To start with
    >> >> this
    >> >> CA will be used for certificates for a SSL enabled website that's
    >> >> running
    >> >> OWA and Terminal Services.
    >> >>
    >> >> But, further down the road I consider to begin widespread use within
    >> >> A.D.
    >> >>
    >> >> Are there any issues using an Enteprise CA for certificates that will
    >> >> beused on a pubic webserver?
    >> >>
    >> >> /Andy
    >> >>
    >> >
    >> >
    >>
    >>
    >
    >


  • Next message: fixer66: "Re: Being logged on as admin and user at the same time (in XP)?"

    Relevant Pages

    • Request a Client-Side Certificate using ASP.NET Code
      ... for installing client certificate the conventionl method is given below url. ... To Request a Client-Side Certificate ... Click Request a Certificate, and then click Next. ... I want to avoid the above 3 steps and want to install client certificate using asp.net page. ...
      (microsoft.public.dotnet.framework.aspnet.webservices)
    • Re: HOW TO CREATE A .CER file using ICertControll
      ... Certificate Server to request a client certificate from ...
      (microsoft.public.platformsdk.security)
    • Re: Client Certificate not reaching server
      ... What happens is that when you attach the client certificate to your request, ... the underlying code will try to find the private key for that certificate in ...
      (microsoft.public.dotnet.security)
    • Using ICEnroll to request a client certificat from Certificate Server
      ... I am trying to create a website where i can generate client certificate ... Retrieve the request in a file form. ...
      (microsoft.public.platformsdk.security)
    • Re: Computer and User Certificates Issues
      ... Enrollment of User Certificates using the custom v2 User Certificate Template ... I can NOT request the custom v2 Computer Cert nor the included v1 no ... Concerning permissions, these are the exact permissions I am using now: ...
      (microsoft.public.security)