Solved

Installing Security Certificate via GPO - which format to use

Posted on 2013-12-05
4
1,350 Views
Last Modified: 2013-12-11
This is on a Windows 2008 R2 Active Directory with Windows 7 clients. I want to push out a Security Certificate via GPO. Which format should i use? I have .pem .der and .p7b. Thanks.
0
Comment
Question by:criskrit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 39698934
I recommend using .pem
0
 

Author Comment

by:criskrit
ID: 39698960
.pem doesn't seem to be a windows format. Won't this be a problem? the GPO seems to read it fine.
0
 
LVL 3

Accepted Solution

by:
cristiantm earned 350 total points
ID: 39700702
It is not a recognized windows *extension*. One thing is the extension, that gives windows a hint of what is inside. Another is the *format*.

DER is the ANS.1 data encoded in binary. PEM is a base64 encoded version this data with some headers. And p7b is a PKCS#7 certificate bundle.

You can rename the ".pem" files to .crt, .cer, and even .der, and Windows will recognize them as a certificate. And when windows opens it, it will interpret it if it is PEM or DER encoded.

Regarding which one is recommended:

A PEM certificate will be DER converted by the system before its ANS.1 data is interpreted. So you probably would better serve them already DER encoded. But really, this base conversion is not that costly so you may use any of it.

But PEM only is relevant when you need to transport it for some reason using only printable chars. Its not the case so really there is no need to use it, but not a problem if you use it too.
0
 

Author Comment

by:criskrit
ID: 39712285
Great, thanks for the detailed explanation. :-)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick guide on how to use Group Policy to create a custom power plan and set it active on Windows 7.
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question