Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 369
  • Last Modified:

Creating and issuing a Certificate in Windows 2008.

My Certificate Services servers are in place and ready to create and issue certificates.
I am using the 2 tier approach to Certificate Services.
I have created my stand-alone ROOTCA and my Issuing Certificate Services Server in my domain.
My RootCA has been published to AD with certutil -dspublish and I have added it as well to my trusted ROOTCA's for my domain with a GPO.
I have duplicated my Computer Template and set it up ready to issue certificates after I create them.
I have created a GPO that will be used to issue certificates after I create them.

What are the Best Practices Steps for creating our own certificate to be applied to an application server and the users/workstations that will access it?
0
lanman777
Asked:
lanman777
  • 2
  • 2
1 Solution
 
Adam BrownSr Solutions ArchitectCommented:
Well, if you had an Enterprise Root CA, you could configure Autoenrollment for the certificates and not have to worry about issuing and deploying the certificates. Autoenroll isn't possible with a Stand Alone CA, though. At any rate, the steps required for creating a certificate vary depending on the purpose of the Certificate. If you are using IPSec to secure communications between the Application server and workstations, you would Enroll/generate a certificate for each system individually using the certificate services web page (https://servername/certsrv), which is a great deal of work. If you are securing a Web application with an SSL certificate, you need only generate a Certificate Signing Request from IIS and then generate a response using the Certificate Services Web page. Client machines do not need certificates to connect to an SSL partner. There are a lot of different scenarios for certificates, so if possible, could you elaborate on what you need to have the certificates for?
0
 
lanman777Author Commented:
I need and IIS certificate.

Thanks!
0
 
Adam BrownSr Solutions ArchitectCommented:
Okay. Which version of Windows is running the IIS site?
0
 
lanman777Author Commented:
Windows 2003 x64 SP2 and 2003 Standard SP2.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now