Re: Issuing of server/client authentication certs from an Ent. CA running on W2k3 Standard Edition

From: Brian Komar <bkomarr@xxxxxxxxxxxxxxxxx>
Date: Mon, 14 May 2007 04:52:40 -0500

On Mon, 14 May 2007 14:43:25 +0800, Jeanne wrote:

Hi all,
Just a quick question: Our Enterprise Root CA in our AD forest is running on
a DC on a Win2003 Standard Edition box. I read that a standard edition W2k3
can only issue "Version 1" of security templates?

Not sure if its any issue but if we want to obtain Windows Computer
Certificates for client/server authentication (OID: 1.3.6.1.5.5.7.3.1 and
....3.2) purposes from this CA, is it possible? The web interface of an
Enterprise CA don't give us the option to pick a "computer" certificate
template. Must we absolutely need to setup an Win2k3 Enterprise edition
based CA for this?

A little confused. Need some quick pointer/light...

Many thanks all.
Cheers.

It can issue the Computer certificate template. You just need to use the
correct resources. Do not use the Web page, as the request is in the
security context of the user.
Instead, open a new MMC, add the Certificates console and focus on the
Local Machine (you must be a member of the local Administrators).

You can then request the Computer certificate
Brian
.

Follow-Ups:
- Re: Issuing of server/client authentication certs from an Ent. CA running on W2k3 Standard Edition
  - From: Jeanne

References:
- Issuing of server/client authentication certs from an Ent. CA running on W2k3 Standard Edition
  - From: Jeanne

Prev by Date: Re: Smartcard / NTFS Encryption
Next by Date: Re: Issuing of server/client authentication certs from an Ent. CA running on W2k3 Standard Edition
Previous by thread: Issuing of server/client authentication certs from an Ent. CA running on W2k3 Standard Edition
Next by thread: Re: Issuing of server/client authentication certs from an Ent. CA running on W2k3 Standard Edition
Index(es):
- Date
- Thread

Relevant Pages

Re: computer certificate L2TP
... a computer certificate. ... Installed a stand alone CA with access to the Enterprise CA ... Point the client browser to this CA and request a certificate. ...
(microsoft.public.win2000.security)
Re: db restoration via shared folder
... > backup/restore db using Enterprise Manager in Standard ... > mapped drive in the Standard Edition. ... the mapped drives are the same. ...
(microsoft.public.sqlserver.server)
RE: Upgrade Standard CA to an Enterprise CA
... Do you mean you want to migrate the stand-alone CA to Enterprise CA? ... Back up the certificate database, the CA certificate, and the CA private ... 8.Select Preserve existing certificate database to use the old database. ...
(microsoft.public.security)
Re: Isolation of the Root CA
... If you want to put your Enterprise CA behind a firewall, ... practice article on that? ... >> An Enterprise CA can not be an offline CA. ... >> standalone root CA and use it to issue a certificate for an Enterprise CA ...
(microsoft.public.win2000.security)
Re: EFS and Certificate Services
... > I created a Enterprise Root CA with a Enterprise Subordinate CA for issuing ... An Enterprise Root CA computer cannot be offline. ... I check the thumbprint of the file and the certificate which matched. ... The best practice is to issue the certificates *before* any encryption ...
(microsoft.public.win2000.security)