Anti-Spyware Forums


Reply
Thread Tools Display Modes

How can I create a second certificate authority server for redunda

 
 
Kristina
Guest
Posts: n/a

 
      20-09-2006, 04:07 PM
We would like to create a second enterprise certificate authority server for
redundancy. How do I that? Thanks.
 
Reply With Quote
 
 
 
 
Miha Pihler [MVP]
Guest
Posts: n/a

 
      20-09-2006, 04:56 PM
Hi Kristina,

You simply create another one -- just like you did with the first one.
Clients will then see both of them and will contact one or the other.

--
Mike
Microsoft MVP - Windows Security

"Kristina" <(E-Mail Removed)> wrote in message
news:860D7C3F-C13F-4964-86E4-(E-Mail Removed)...
> We would like to create a second enterprise certificate authority server
> for
> redundancy. How do I that? Thanks.



 
Reply With Quote
 
 
 
 
Brian Komar [MVP]
Guest
Posts: n/a

 
      20-09-2006, 11:55 PM
In article <(E-Mail Removed)>, mihap-
(E-Mail Removed) says...
> Hi Kristina,
>
> You simply create another one -- just like you did with the first one.
> Clients will then see both of them and will contact one or the other.
>
>

There is a little more to this. Are you creating a hierarchy or are you
creating two root CA's within the organization. What is the size of your
organization? What types of certificates are you issuing?

We need more details to tell you how best to deploy the second CA.
Brian
 
Reply With Quote
 
Kristina
Guest
Posts: n/a

 
      21-09-2006, 07:04 PM
I want to create a root ca, subordinate ca, and then a trust between them. I
have the knowledge base article to do that. Second question, how can I tell
if my CA right now is the "root CA". Where can I tell in the properties?

"Brian Komar [MVP]" wrote:

> In article <(E-Mail Removed)>, mihap-
> (E-Mail Removed) says...
> > Hi Kristina,
> >
> > You simply create another one -- just like you did with the first one.
> > Clients will then see both of them and will contact one or the other.
> >
> >

> There is a little more to this. Are you creating a hierarchy or are you
> creating two root CA's within the organization. What is the size of your
> organization? What types of certificates are you issuing?
>
> We need more details to tell you how best to deploy the second CA.
> Brian
>

 
Reply With Quote
 
Brian Komar [MVP]
Guest
Posts: n/a

 
      21-09-2006, 10:47 PM
In article <EF33BBA5-771E-4832-807D-(E-Mail Removed)>,
(E-Mail Removed) says...
> I want to create a root ca, subordinate ca, and then a trust between them. I
> have the knowledge base article to do that. Second question, how can I tell
> if my CA right now is the "root CA". Where can I tell in the properties?
>
> "Brian Komar [MVP]" wrote:
>
> > In article <(E-Mail Removed)>, mihap-
> > (E-Mail Removed) says...
> > > Hi Kristina,
> > >
> > > You simply create another one -- just like you did with the first one.
> > > Clients will then see both of them and will contact one or the other.
> > >
> > >

> > There is a little more to this. Are you creating a hierarchy or are you
> > creating two root CA's within the organization. What is the size of your
> > organization? What types of certificates are you issuing?
> >
> > We need more details to tell you how best to deploy the second CA.
> > Brian
> >

>

Wow, you need to start from square one if you are unsure if it is a root
CA... A root CA by definition possesses a self-signed certificate. In
other wordes, the subject and issuer will match in the certificate.

I recommend that you look at the best practices white paper immediately:
http://www.microsoft.com/technet/pro...2003/technolog
ies/security/ws3pkibp.mspx

Brian
 
Reply With Quote
 
 
 
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
remove certificate authority server Bentley Security Software 1 05-09-2007 01:01 PM
Local Certificate Authority Server Rick Security Software 1 07-07-2006 08:59 AM
Windows 2000 Certificate Authority (CA) Server - Can I delete Revo Frank Security Software 3 18-04-2006 03:45 PM
Create a computer certificate for non-connected machine? Eddie Wedensworth Security Software 11 31-08-2004 08:52 PM
Certificate Authority on 2003 server Duro Madera Security Software 4 02-01-2004 03:43 PM


All times are GMT. The time now is 04:41 AM.