Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ad-certificate-services]

Active Directory Certificate Services is a role first made available in Windows Server 2008. Previously it was known as certificate services.

Active Directory Certificate Services is a set of technologies from Microsoft that offer the ability to create a PKI infrastructure.

Active Directory Certificate Services specific documentation are collated at http://social.technet.microsoft.com/wiki/contents/articles/windows-pki-documentation-reference-and-library.aspx

242 questions
1
vote
1 answer

How to move CertSrv from "Default Web Site" to a new site in IIS?

I have installed Active Directory Certificate services and it has created a CertSrv application under "Default Web Site" and it is accessible using http(s)://[hostname]/certsrv. I want to move CertSrv from "Default Web Site" and put it under a new…
Supratik
  • 2,154
  • 10
  • 51
  • 66
1
vote
0 answers

MySQL SSL Problems

I need to configure SSL for a MySQL server. I've read all of the directions for doing self-signed certs but it's preferred that I sign and use the certs from a different CA running AD Certificate Services. Is this a possibility? I've generated the…
user165222
  • 125
  • 3
  • 9
1
vote
3 answers

Does a domain computer trust certs from domain CA

I have investigated this but have been unable to find a definitive answer to my question. I have never used certificate services in active directory before so am unsure of its possible usage/implentations. Quick background: we are looking to set up…
James Edmonds
  • 1,733
  • 10
  • 37
  • 59
1
vote
0 answers

EFS file access problems

in my organization, i have a deadline to deploy EFS using AD CS, and i am working with a single windows server 2003 box, which is the Root CA, and is the same server responsible to certificate enrollment. All configuration, enrollment, issuance etc.…
user117894
  • 11
  • 1
1
vote
1 answer

Anyone know of a way to find all certs that weren't auto-enrolled?

I'm in the process of moving an Active Directory Certificate Services role over to a new 2012 server. The new server will be issuing new certs and I need to find all certs that weren't handed out by auto-enrollment so I can manually issue new…
Adam Bertram
  • 331
  • 1
  • 4
  • 11
1
vote
1 answer

Powershell: Fancy new cmdlet to install CRLs too?

So Win8.1 and 2012 R2 includes a neat new cmdlet to install certs: Import-Certificate [-FilePath] [-CertStoreLocation ] [-Confirm] [-WhatIf] [ ] Unfortunately I found it does not install CRLs- booo. This is weird…
red888
  • 4,183
  • 18
  • 64
  • 111
1
vote
0 answers

How do I set up an 802.1X infrastructure for use with OS X and iPads?

At my workplace I have been tasked with setting up machine certificate based 802.1X wireless authentication for our Apple devices. It seems like on the client side this will be handled by Profiles (specifically a System Profile as it is the device…
Dan Jackson -LRSFC-
  • 13
  • 6
1
vote
2 answers

Is it possible to batch sign CSRs (with certutil for instance)?

I have about 100 CSR to sign on a windows PKI. I would like to know if it's possible to batch submit, issue and export these CSRs via batch or powershell script, maybe using cert util, and how to do it. My searches haven't come up with anything but…
SSler
  • 11
  • 1
  • 3
1
vote
1 answer

Certificate Error on Server 2008 R2 Event ID 6 and 13

I have two DC, one is a Windows Server 2003 (certificate server), the other is Windows Server 2008 R2. The Windows Server 2008 R2 has the following events in the event viewer. Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment Event…
Nixphoe
  • 4,584
  • 7
  • 34
  • 52
1
vote
1 answer

FIM CM Broken After Manual Cert Renewal

I recently attempted to renew the certificate for the clmAgent user account according to these directions: http://technet.microsoft.com/en-us/library/hh149034%28v=ws.10%29.aspx I logged in with the clmAgent account, went to Certificates MMC,…
Ryan Ries
  • 55,481
  • 10
  • 142
  • 199
1
vote
1 answer

Client side certificates in client browsers with unix server for management

We are currently running Unix dedicated servers for everything (Web cluster, database, FTP, batch, ...) except for a Microsoft Active Directory Certificate Services. The sole purpose of this Windows box is to provide client side certificates to our…
2Fast2BCn
  • 305
  • 2
  • 6
1
vote
1 answer

How to autoenroll certificates from a Certification Authority in a trusted domain?

I have two Active Directory domains in two separate forests, all at Windows Server 2008 R2 functional levels. There is a two-way forest trust between the domains. Domain A contains a Windows Server 2008 R2 Enterprise Root Certification Authority;…
Massimo
  • 70,200
  • 57
  • 200
  • 323
1
vote
1 answer

How can I get SBS2011 to issue certificates?

I want to use certificates to authenticate both client and server for a new internal service. Since all our servers already have the SBS (2011 Standard) server's Cert installed as a Trusted Root, getting it to issue the new certificates seems like…
Basic
  • 426
  • 2
  • 9
  • 23
1
vote
1 answer

Microsoft Standalone CA - Set expiration date of an individual request

I have set up a Microsoft Standalone CA on 2008 R2 as a root CA. I'm trying to setup a subordinate Enterprise CA. I generated the certificate request, and submitted it to the root CA. Then, I ran the following command to set the expiration date…
Sean Hall
  • 131
  • 1
  • 6
1
vote
1 answer

How do I create multiple instances of Certificate Server on the same Windows installation?

The following URLs describe a new feature of Windows Certificate server is the ability to install multiple instances on the same server. (see end of "transcript" link it's a zip file)…
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
1 2 3
16 17