What is the equivalency of a Registration Authority (RA) in AD Certificate Services? I was reading documentation on TechNet (the best ever, jk) and it had explained that NDES was technically the replacement for a RA. Is this correct?
Asked
Active
Viewed 821 times
2 Answers
0
If you are using the WCCE protocol to automate the process of requesting and receiving certificates then the CA that issues the certificate in conjunction with Active Directory is the Registration Authority.
If you are receiving requests manually and have a CA Operator process and approve them, then that individual (or organisation) is the Registration Authority.
NDES (which is a Microsoftism for SCEP) will instruct the CA to issue a certificate to a particular device, but the human CA operators are also involved as they must issue the NDES password to the network device administrators, therefore that step could be considered as the registration too.

garethTheRed
- 4,539
- 14
- 22