RhoSysAdmin
asked on
Certificate Authority requirements for BitLocker Data Recovery agent certificate template?
We're trying to create a certificate template for a "BitLocker Data Recovery Agent" certificate to use with a BitLocker implementation. Unfortunately, it looks like our Windows Server 2003 subordinate CA does NOT meet the minimum requirements to do this. We don't see any "BitLocker" extensions that can be added to the template when we create a duplicate of the "Key Recovery Template".
I can't find anything on TechNet that states clearly what OS your internal PKI CA's need to be in order to create this BitLocker DRA certificate template. Can someone point me in the right direction?
We figured we were going to have to upgrade/migrate/replace our W2K3 CA's this year. Now it looks like that to-do just got bumped to the top of the list. We'd like to make sure we get this upgrade/migration done right.
Any advice is greatly appreciated!!
I can't find anything on TechNet that states clearly what OS your internal PKI CA's need to be in order to create this BitLocker DRA certificate template. Can someone point me in the right direction?
We figured we were going to have to upgrade/migrate/replace our W2K3 CA's this year. Now it looks like that to-do just got bumped to the top of the list. We'd like to make sure we get this upgrade/migration done right.
Any advice is greatly appreciated!!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER