Anti-Spyware Forums


Reply
Thread Tools Display Modes

Easy question on PKI, 2 level hierarchy design

 
 
Marlon Brown
Guest
Posts: n/a

 
      04-12-2006, 05:13 PM
I need to issue internal certs for web servers and other applications in the
future.

If I setup a 2 level hierarchy Win2003domain, MS PKI solution, imagine I
would use 2 servers without warranty (P4 1GB CPU, 2GB RAM), 3 year old Dell
servers for the OFFLINE ROOT CA.

I understand that I would keep the OFFLINE ROOT CA's shutdown and secured.

Can you confirm in what occasion I would need to bring thosed OFFLINE ROOT
CA online again ?


 
Reply With Quote
 
 
 
 
Brian Komar [MVP]
Guest
Posts: n/a

 
      05-12-2006, 11:55 AM
In article <(E-Mail Removed)>, (E-Mail Removed)
says...
> I need to issue internal certs for web servers and other applications in the
> future.
>
> If I setup a 2 level hierarchy Win2003domain, MS PKI solution, imagine I
> would use 2 servers without warranty (P4 1GB CPU, 2GB RAM), 3 year old Dell
> servers for the OFFLINE ROOT CA.
>
> I understand that I would keep the OFFLINE ROOT CA's shutdown and secured.
>
> Can you confirm in what occasion I would need to bring thosed OFFLINE ROOT
> CA online again ?
>
>
>

You need to bring them up to:
- Issue updated CRLs at regular intervals defined at the CA
- Issue new subordinate CA certificates
- Renew existing subordinate CA certificates
- revoke existing subordinate CA certificates

Brian
 
Reply With Quote
 
 
 
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PKI (CA Hierarchy) and Hyper-V pros and cons hypnotix911 Security Software 4 03-04-2008 12:09 AM
Security token design question Pavel A. Security Software 1 29-07-2005 05:52 PM
easy question please help Security Software 5 23-01-2004 05:46 PM
Is it possible to secure private objects with hierarchical relationship taking, hierarchy into account? Antonio Security Software 0 19-12-2003 11:30 AM
Is it possible to secure private objects with hierarchical relationship with taking hierarchy into account? Antonio Security Software 0 12-12-2003 10:26 AM


All times are GMT. The time now is 05:31 PM.