Creating and issuing a Certificate in Windows 2008.

My Certificate Services servers are in place and ready to create and issue certificates.
I am using the 2 tier approach to Certificate Services.
I have created my stand-alone ROOTCA and my Issuing Certificate Services Server in my domain.
My RootCA has been published to AD with certutil -dspublish and I have added it as well to my trusted ROOTCA's for my domain with a GPO.
I have duplicated my Computer Template and set it up ready to issue certificates after I create them.
I have created a GPO that will be used to issue certificates after I create them.

What are the Best Practices Steps for creating our own certificate to be applied to an application server and the users/workstations that will access it?
lanman777Asked:
Who is Participating?
 
Adam BrownSr Solutions ArchitectCommented:
Well, if you had an Enterprise Root CA, you could configure Autoenrollment for the certificates and not have to worry about issuing and deploying the certificates. Autoenroll isn't possible with a Stand Alone CA, though. At any rate, the steps required for creating a certificate vary depending on the purpose of the Certificate. If you are using IPSec to secure communications between the Application server and workstations, you would Enroll/generate a certificate for each system individually using the certificate services web page (https://servername/certsrv), which is a great deal of work. If you are securing a Web application with an SSL certificate, you need only generate a Certificate Signing Request from IIS and then generate a response using the Certificate Services Web page. Client machines do not need certificates to connect to an SSL partner. There are a lot of different scenarios for certificates, so if possible, could you elaborate on what you need to have the certificates for?
0
 
lanman777Author Commented:
I need and IIS certificate.

Thanks!
0
 
Adam BrownSr Solutions ArchitectCommented:
Okay. Which version of Windows is running the IIS site?
0
 
lanman777Author Commented:
Windows 2003 x64 SP2 and 2003 Standard SP2.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.