Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Certificate, certificate services, windows, server

Posted on 2007-11-20
Medium Priority
Last Modified: 2010-04-18
Our certificate server is only issuing certificates for server authentication and not user authentication.  How can I force certificates to be issued allowing this role?
Question by:CreamyG
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 26

Expert Comment

ID: 20319664
I boils down to what application is requesting it and the template you have defined on your CA.
Items like, EFS, Secure Email and and general Client Authentiation are a few user based authentications

On your CA, you'll need a template for those.

Load up your Certificate Authority MMC and target it at your CA.  Select Certificate Templates and check to see if you have User templates assigned.  If not, right click the Certificate template node and select "New Certificate Template to issue", then select the template you which to issue.

Author Comment

ID: 20319836
Thanks.  User is assigned.  I am trying to get IIS default website to request a certificate that will do both client and server authentication.  The certificate that gets issued however will only do server.  Any ideas?
LVL 26

Expert Comment

ID: 20319913
IIS is hardcoded to request only the Web Server template which is Server authentication only.  You have to manually issue a "User" or custom template then install it on IIS.

Author Comment

ID: 20319923
Thanks, how would I manually issue it?
LVL 26

Accepted Solution

Pber earned 1000 total points
ID: 20320135

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question