Here is my situation. My boss wants us to move towards two factor authentication for laptop users who use VPN to access the network. Currently, we have a Sonicwall SSL-VPN 2000 appliance which provides our VPN access. Our plan is to set up a simple Windows CA server and use smart cards which will authenticate with this CA and allow VPN access. Last week, I installed the CA role on a VM which is running Windows 2008 R2 SP1. However, I am having quite a time setting up the CA since this is my first rodeo dealing with certificates and CAs.
First question is where would I find the server.crt. I thought my public and private key pairs were created during the creation of the CA role, but I cannot find these keys or certificates. Secondly, what is the best way to set up a Windows CA? If I need to, I will uninstall the current CA role and start over.
Your thoughts and answers are appreciated. Thanks.