Installing a Certification Authority
Notes (Work in progress post):
Install Enterprise CA - must be logged onto domain account, must be enterprise admin
Add Root CA to trusted CAs using group policy: Computer Configuration/Windows Settings/Security Settings/Public Key Policies/Trusted Root Certification Authorities
Version 1 templates are displayed in grey scale. Version 2 templates are displayed in colour. Version 2 templates are only available on Windows 2003 Server Enterprise Certification Authorities.
The CRL (Certificate Revocation List) can be published manually. When publishing, a Delta CRL is the most efficient method.
Install Enterprise CA - must be logged onto domain account, must be enterprise admin
Add Root CA to trusted CAs using group policy: Computer Configuration/Windows Settings/Security Settings/Public Key Policies/Trusted Root Certification Authorities
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEid1uQkaMLTERnpQkfT3BzWIXTADzsh06uXtiX2JDTLe4KTF-KOwR1D7jV9fUZmGGWxes7roOiUut0wvu7y8BB3R2jvSatSN8FCS24Iv-k0pOhj-8ci39KsO8hKn-AEw2CazQ0sRz5nJ24/s320/certtemplates.gif)
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1lqgdZHuiyrlaqibBKRAoFpW2pszaj0eGFRYGzv2l3976i3pHu1KaMkr7TeyLWSUI5_3cTk62aS4Km8D44CXAQtyjPAyyyoaGBEAu-IA5KIDwai4VBKs_dytpCkl14XTKuYGrCT0Bt9Y/s320/certcrl.gif)