Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Certificate, certificate services, windows, server

Posted on 2007-11-20
5
307 Views
Last Modified: 2010-04-18
Hello,
Our certificate server is only issuing certificates for server authentication and not user authentication.  How can I force certificates to be issued allowing this role?
thanks
0
Comment
Question by:CreamyG
  • 3
  • 2
5 Comments
 
LVL 26

Expert Comment

by:Pber
ID: 20319664
I boils down to what application is requesting it and the template you have defined on your CA.
Items like, EFS, Secure Email and and general Client Authentiation are a few user based authentications

On your CA, you'll need a template for those.

Load up your Certificate Authority MMC and target it at your CA.  Select Certificate Templates and check to see if you have User templates assigned.  If not, right click the Certificate template node and select "New Certificate Template to issue", then select the template you which to issue.
0
 
LVL 1

Author Comment

by:CreamyG
ID: 20319836
Thanks.  User is assigned.  I am trying to get IIS default website to request a certificate that will do both client and server authentication.  The certificate that gets issued however will only do server.  Any ideas?
0
 
LVL 26

Expert Comment

by:Pber
ID: 20319913
IIS is hardcoded to request only the Web Server template which is Server authentication only.  You have to manually issue a "User" or custom template then install it on IIS.
0
 
LVL 1

Author Comment

by:CreamyG
ID: 20319923
Thanks, how would I manually issue it?
0
 
LVL 26

Accepted Solution

by:
Pber earned 250 total points
ID: 20320135
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question