Installing a Certification Authority

Notes (Work in progress post):

Install Enterprise CA - must be logged onto domain account, must be enterprise admin
Add Root CA to trusted CAs using group policy: Computer Configuration/Windows Settings/Security Settings/Public Key Policies/Trusted Root Certification Authorities

Enterprise Certification Authorities are automatically placed in the Cert Publishers Group.

Version 1 templates are displayed in grey scale. Version 2 templates are displayed in colour. Version 2 templates are only available on Windows 2003 Server Enterprise Certification Authorities.

The CRL (Certificate Revocation List) can be published manually. When publishing, a Delta CRL is the most efficient method.

Popular posts from this blog

Get local computer UUID/GUID using Windows Powershell

gPLink and gPOptions

PSLoggedOn Getting Started on Windows Server 2008 R2