Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ad-certificate-services]

Active Directory Certificate Services is a role first made available in Windows Server 2008. Previously it was known as certificate services.

Active Directory Certificate Services is a set of technologies from Microsoft that offer the ability to create a PKI infrastructure.

Active Directory Certificate Services specific documentation are collated at http://social.technet.microsoft.com/wiki/contents/articles/windows-pki-documentation-reference-and-library.aspx

242 questions
1
vote
1 answer

Total Number of Certificates issued / revoked

Currently using Active Directory Certificate Services. Is it possible to find out the total number of certificates that have been published and revoked up till today, and if so how do I do it?
user361564
  • 13
  • 2
1
vote
0 answers

Active Directory Certificate Services Code signing Subject Empty

I'm contracted by a branch of a large multinational company to write some in-house software. I'm trying to push this software out to users using ClickOnce. To sign the application, I was issued a code signing certificate that was created with their…
Marten Jacobs
  • 11
  • 1
1
vote
2 answers

PKI - What is the equivalency of a Registration Authority (RA) in AD Certificate Services?

What is the equivalency of a Registration Authority (RA) in AD Certificate Services? I was reading documentation on TechNet (the best ever, jk) and it had explained that NDES was technically the replacement for a RA. Is this correct?
Matt L.
  • 21
  • 3
1
vote
1 answer

Forcing Certificate Auto-Reissue

Recently, I used AD Certificate Authority to automatically issue a remote desktop certificate to each client on the local domain. After the auto-issue, I realized that I failed to properly configure the root certificate's CRL Distribution Point…
Ben Gribaudo
  • 153
  • 1
  • 5
1
vote
2 answers

AD Certificate services - The combobox to select Template is missing

Has anybody come across an issue where the certificate templates field is missing in the certsrv web-page? I am running 'Windows2012R2 Standard'. The online tutorials all have this combobox, but i am at a loss as to why it is missing. This is a…
Houtman
  • 113
  • 1
  • 7
1
vote
1 answer

Can I add a certificate template type to the "Submit a Certificate Request" page in AD CS Web Enrollment?

In the CA Web Enrollment website, on the "Submit a Certificate Request or Renewal Request" page (https:///certsrv/certrqxt.asp) there is a dropbox under the "Certificate Template:" section with values for various certificate template…
Will Dennis
  • 304
  • 4
  • 16
1
vote
1 answer

How to enable LDAP over SSL/TLS in AD without installing AD Certificate Services

I am installing a Sonicwall firewall into my organization. I've connected the Sonicwall with the Active Directory domain, however now on the status page of the appliance there is a huge warning: WARNING: LDAP is being used without TLS - this is…
Spirit
  • 1,154
  • 8
  • 25
  • 45
1
vote
1 answer

Cross Forest Certificate Authority

Looking for help on material for setting up a multi tiered/cross-forest PKI Infrastructure. The only articles I can come across are just setting up the basic two tier systems on one domain. Basically we have a management domain (we buy companies…
Matthew Dartez
  • 61
  • 1
  • 1
  • 10
1
vote
1 answer

How do I get alerted to an pending AD CS certificate request?

I want to get a summary report of pending AD CS requests. How would I approach this? Does anything already exist? The problem I'm trying to solve is where a user requests a certificate, and i'm unaware of this pending/outstanding item.
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
1
vote
1 answer

Problematic Active Directory CA certificate

i came across one DC, which gives me RPC errors when dealing with AD Certificate Service.I can see in AD there is 2 Root CA , one is problematic. Is it safe to remove it? Or is there a procedure for this ? windows Server 2012 R2 Event "Active…
user122348
  • 21
  • 1
  • 5
1
vote
0 answers

How to setup digital signatures on Microsoft CA (AD-CS)?

I've been trying to research across the web on how to setup a Microsoft CA (AD-CS on Windows Server 2008 R2) in order to create a certificate for digital signatures, allowing you to digitally sign emails. There are lots of articles on how to…
AshesToAshes
  • 111
  • 3
1
vote
1 answer

PKI - Cert Template could not be loaded. This function is not supported on this system

I've built PKI's many times yet this organization's results have me puzzled. Offline Root 2008 R2 Standard 2xEnterprise Subordinate CA's 2008 R2 Enterprise Installed services, all is good. When I go to add v2, v3 templates they aren't available so I…
Paul Ackerman
  • 2,729
  • 1
  • 16
  • 23
1
vote
1 answer

ADCS Create a new certificate or Rename?

Just joined a new company. Apparently back last year they got rid of the old CA and restored the certificate on a new server. (2003 to 2012). I was about to renew the certificate (self signed) on the CA but realized that: the Cert still is with the…
KitKatNeko
  • 41
  • 4
1
vote
1 answer

Migrating certificate services to Server 2008 R1

I am currently planning a move of an Active Directory Certificate Services CA from a soon to be decommissioned Server 2003 R2 Standard box to an existing Windows 2008 R1 Enterprise box. This is not something I have done before, so I've been looking…
dbr
  • 1,852
  • 3
  • 23
  • 38
1
vote
1 answer

How can I limit the SMIME capabilities from a CA without using FIM?

These instructions describe how to prevent using SMIME with weak ciphers, however it requires an expensive product from Microsoft. How can I prevent a CA from issuing SMIME certificates that permit the weak ciphers from being used?
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
1 2 3
16 17