Solved

Is there an alternative to Microsoft Certificate Services and OpenSSL for genertaing certificates for my wireless LAN?

Posted on 2009-04-13
2
327 Views
Last Modified: 2013-11-12
I am looking for a way to generate certificates for my wireless LAN for both the server and clients. I do not want to install Microsoft Certificate Services, because we need it for nothing else and and I am not good w/Linux. With that being said, does anyone know of any 3rd party alternatives for this? Thanks. I am using Cisco so Funk is a no go.
0
Comment
Question by:ainselyb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24137483
1) A previous employer used Funk Odyssey on their laptops just fine with Cisco access points.

2) MS cert services is probably the easiest CA to pick up.  Linux has CA installs, but if you're not used to Linux there would be a high learning curve and loose out on some of the AD integration features.

Other products that are designed to work in Microsoft are high learning curves and very expensive - many of them license per certificate issued.  Options include Entrust, Baltimore, and RSA Keon.

3) A MS CA can be installed on another machine, but it is best to have a dedicated box for each CA.  To be done properly, you should really have  a 2 tier PKI - the root CA should be offline, not joined to a domain, stand-alone CA on standard edition; the issuing subordinate should be enterprise edition OS joined to the domain set up as an enterprise CA.  Using virtual machines helps cut the costs down a bit - keep the offline root image on a removable hard drive that you can lock up.

4) Once you have a PKI in place, you will probably finding yourself using it more and more over time.  File encryption, email signing & encryption, internal web certificates, IPSec, workstation authentication, and maybe even smartcards.
0
 
LVL 6

Accepted Solution

by:
segurah earned 500 total points
ID: 24173237
If your problem with openssl is linux, use openssl for windows http://www.slproweb.com/products/Win32OpenSSL.html.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Working settings for French ISP Orange "Prêt à Surfer" SIM cards for data connections only. Can't be found anywhere else !
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question