• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 229
  • Last Modified:

CA Cert vs Windows Certifcate Server

I am re-posting the question again thinking that I wil be able to grab the quick attention from someone.


I need to install a Certificate Server for two purposes:
1. authenticating wireless clients
2. serving https clients  for Outlook Web Access with our exchange server.

Our environment is Windows 2003 AD (recently I upped the functional level to 2003) with two DCs.  Exchange is running on one DC and I plan to install RADIUS and Certifacte Server on the other.

I was first thinking of installing an enterpise CA on one of the DCs and then I realise uninstalling a CA in Windows 2003 (if  I needed to for some reason), is going to be quite messy. Then came cacert into my mind.  What are the pros and cons of the two and and which factors hould influence my decision to go either way.

Thanks heaps.

1 Solution
Generally speaking.

If you are dealing with thrid parties eg. Partners, you should use a CA, this is so that if there are issues, there is a neutral third party is responsible and  can investigate, it takes the burden off you to setup your PKI to the standards that others may want (which is extremely high and expesive standards).

Using the WIn2003 solution for employees only is fine, however, I would look at lternatives to Microsoft, you will get better options and security with a more specialist vendor. I personally prefer not to use inherently insecure platforms for high security services.

Try not to mix the two requirements for Third Party/Partners and Internal use only.

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Tackle projects and never again get stuck behind a technical roadblock.
Join Now