Solved

Is there an alternative to Microsoft Certificate Services and OpenSSL for genertaing certificates for my wireless LAN?

Posted on 2009-04-13
2
324 Views
Last Modified: 2013-11-12
I am looking for a way to generate certificates for my wireless LAN for both the server and clients. I do not want to install Microsoft Certificate Services, because we need it for nothing else and and I am not good w/Linux. With that being said, does anyone know of any 3rd party alternatives for this? Thanks. I am using Cisco so Funk is a no go.
0
Comment
Question by:ainselyb
2 Comments
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24137483
1) A previous employer used Funk Odyssey on their laptops just fine with Cisco access points.

2) MS cert services is probably the easiest CA to pick up.  Linux has CA installs, but if you're not used to Linux there would be a high learning curve and loose out on some of the AD integration features.

Other products that are designed to work in Microsoft are high learning curves and very expensive - many of them license per certificate issued.  Options include Entrust, Baltimore, and RSA Keon.

3) A MS CA can be installed on another machine, but it is best to have a dedicated box for each CA.  To be done properly, you should really have  a 2 tier PKI - the root CA should be offline, not joined to a domain, stand-alone CA on standard edition; the issuing subordinate should be enterprise edition OS joined to the domain set up as an enterprise CA.  Using virtual machines helps cut the costs down a bit - keep the offline root image on a removable hard drive that you can lock up.

4) Once you have a PKI in place, you will probably finding yourself using it more and more over time.  File encryption, email signing & encryption, internal web certificates, IPSec, workstation authentication, and maybe even smartcards.
0
 
LVL 6

Accepted Solution

by:
segurah earned 500 total points
ID: 24173237
If your problem with openssl is linux, use openssl for windows http://www.slproweb.com/products/Win32OpenSSL.html.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco 5520 WLC and Cisco Prime 3.0 4 52
Cisco 887VA-W - Separate VLANs for wired and wireless connections 10 101
Brother MFC-J6720DW Scan to Email 5 73
internet passcode 14 73
With the purchase of CloudCommand by Comcast customers are left in a bind as subscriptions expire and render the AP's disabled. The following will explain how to flash your Ubiquiti AP's with CloudCommand firmware back to Ubiquiti firmware. HOWTO…
Working settings for French ISP Orange "Prêt à Surfer" SIM cards for data connections only. Can't be found anywhere else !
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now