Windows Certificate Server question - SSL - Website

Posted on 2004-11-23
Last Modified: 2010-04-11
Can i create my own SSL certificate for our website with Win2k3 certificate services?  

Website is on win2k server....using a Verisign certificate now...
Question by:scotto2003
    LVL 6

    Accepted Solution

    Yes, the downside is that if it is publically available, people will get a popup saying the Authority is unknown.  We do that here though for internal stuff.
    LVL 6

    Expert Comment

    Go into IIS and create the request, then go to the Win03 CertServ website (local), and submit the request, you'll get a reply and install the cert.

    Author Comment

    Also, this will be for our Client Website (external),  the site gives them (hospitals) status updates and notes from the accounts we work for them... Do you guys know if HIPAA requires an outside certificate authority...?
    LVL 6

    Expert Comment

    Very good point.  I am not a lawyer, and am not terribly familiar with HIPPA, so I would have your company speak with a licensed attorney before you get too far, but I did find the following:

    I found this on the HIPPA website:
    Confidential communications. Under the privacy rule, patients can request that their doctors, health plans and other covered entities take reasonable steps to ensure that their communications with the patient are confidential. For example, a patient could ask a doctor to call his or her office rather than home, and the doctor's office should comply with that request if it can be reasonably accommodated.

    So at a minimum you would need to take "reasonable steps".

    As far as SSL providers, 128bit is 128bit, but the patient might feel better seeing the Verisign logo on the site.

    However, like I said I'm not a lawyer, I'd get their advice.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
    This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now