Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [pki]

Public Key Infrastructure is a cryptography system based on X.509 digital certificates, commonly used for encrypted communication and authentication.

Public Key Infrastructure is a cryptography system based on X.509 digital certificates.

OpenSSL and Windows Certificate Authorities are two commonly-used software certification authorities.

228 questions
0
votes
1 answer

Can not find a specific group in MS Windows 2008

In a MS-Win 2008 SP2 I am trying to find the group CERTSVC_DCOM_ACCESS. I followed this link Error in MS-CA request instructions but I can not seem to find that group. Where it? Does it have a different name?
user76678
  • 349
  • 3
  • 5
  • 16
0
votes
1 answer

Use Certificate Autoenrolment with third-party Certificate Authority

Is it possible to setup Windows Domain to use Certificate Autoenrolment and third-party Certificate Authority? We think that it can be done in Windows Server 2008 only but don`t know exactly, please help. References: We find this article "Setting up…
Sasha
  • 229
  • 2
  • 5
  • 12
0
votes
1 answer

Does IIS 6.0 Log CRL Checks?

I am adding a 3rd party OCSP responder(Tumbleweed) plugin to IIS 6.0/Windows. I have the 3rd party tool configured to check the revocation status and would like to assert that IIS is not making a duplicate check. Is there a log (other than the IIS…
Kevin
  • 1
  • 1
0
votes
1 answer

Who uses OpenXPKI?

I'm evaluating PKI solutions for my client, and among other more technical attributes I'd like to be able to report a few marquis users of each solution. Many projects list well-known users or link to media releases or whitepapers, but I can't seem…
G__
  • 314
  • 2
  • 10
0
votes
1 answer

Shorten CA Certificate lifetime with Certificate Services?

I recently setup Windows 2003 Certificate Services and installed a five year certificate. I'm now working with a vendor that requires our public CA key so that they can trust all certificates generated by us, but they will not accept it since the…
Brett G
  • 2,033
  • 2
  • 28
  • 45
0
votes
0 answers

How to force Domain Controller to get new certificate from PKI Server

I bluntly created a PKI Server (AD CS) that sits inside the Domain. My Domain Controllers got a DomainController Certificate from it. After that I thought that it would be better, to create a Root CA that isn't in the domain, and a subordinate CA…
SimonS
  • 785
  • 4
  • 14
  • 29
0
votes
1 answer

CA: Certificate User for VPN

From a subordinate Enterprise CA I want to generate a user certificate that serves as an authentication method for VPN connections. I want to install this certificate with autoenroll on the domain users with a GPO. There is an option in the…
Santyuste
  • 19
  • 1
0
votes
0 answers

How to integrate .Net application to ADCS using API

We have to integrate own app to MS ADCS environment for autoenrollment digital certificates. Is there any guide to integrate our app to MS Certificate Authority using API?
Ivan Diniz
  • 1
  • 1
0
votes
2 answers

Change certificate issuer

Is it possible to change the "issuer" value in a CA so that when a new certificate is issued, the new "issuer" value appears? In the case of having several SubCa, is it possible to match the same "issuer" in the certificates of all the SubCa or…
Santyuste
  • 19
  • 1
0
votes
1 answer

PKI hierarchy. Root CA CAand subordinate

I have to deploy a new PKI hierarchy I have one domain and several subdomains I had thought about having a Root CA and a Sub CA. What are the advantages of this option over having a root CA only? Do you advise that the Root CA and the Sub CA should…
Santyuste
  • 19
  • 1
0
votes
0 answers

CA root and CA subordinate administrator

I want to deploy a new PKI infrastructure on a domain that has several subdomains and trusted domains. I would like to be able to delegate the administration between several administrators corresponding to the subdomains and trusted domains. Would…
Santyuste
  • 19
  • 1
0
votes
1 answer

Windows Server 2019 ADCS. CA subordinate

I have a "CA1" server with Windows 2019 that has the CA root Enterprise service. Additionally I have another server "CA-Subordinate" with Windows 2019 with the CA subordinate service of "CA1". The CA root server "CA1" I am going to decommission it…
Santyuste
  • 19
  • 1
0
votes
2 answers

How to get a google issued certificate for my service behind l4 load balancer

I am running a mqtt broker behind gke LoadBalancer type service. The lb type service is a l4 load balancer and I need to handle the tls termination at my service/broker level. I have associated an A record with loadbalancer ip (say mqtt.example.com)…
java_doctor_101
  • 103
  • 3
0
votes
1 answer

Windows AD cert renewal implementation vs cert copying

Windows PKI policy has a setting for what I think is automated renewal of AD template issued certificates when they expire. It must be also enabled on the certificate authority (CA) side. Question - if I copy an AD template based cert from the…
Seva Alekseyev
  • 197
  • 2
  • 12
0
votes
1 answer

Trouble setting up CES and CEP PKI in a trusted forest scenario

I have two AD domains with a two-way forest trust. I want computer accounts in DomainB to enroll for computer client auth certificates from the two-tier Windows CA in DomainA. I configured a certificate cert template in the issuing CA for this and…
corndog
  • 1
1 2 3
15 16