|
Home > Archive > IIS Server Security > April 2005 > Issiung certifcates by a Windows 2000 Enterprise CA
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Issiung certifcates by a Windows 2000 Enterprise CA
|
|
| Patrick 2005-04-26, 2:49 am |
| Hi All,
We have a AD domain with a Win2K and a Win2K3 server. IIS runs on ythe
Win2K3 server. I am about to install a Certificate Server on the Wn2K box
(anr using "Windows" Certifcatesand then use it to service https requests.
Has anyone of you come across/foresee problems with this setup?
TIA
Patrick
| |
| Jason Brown [MSFT] 2005-04-28, 5:58 pm |
| Depends what you're going to use them for. If you're using them internally,
you can set your CA as a trusted root in your browsers, but if you want to
use them on the net, you can't guarantee the issuer will be trusted by your
clients. They'll get a warning box about that, but the SSL transactions will
still work as long as they hit OK to trust...
--
Jason Brown
Microsoft GTSC, IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
"Patrick" <Patrick@discussions.microsoft.com> wrote in message
news:5A8B9EFD-C2E4-4CB6-BC51-2062CC1744AA@microsoft.com...
| Hi All,
|
| We have a AD domain with a Win2K and a Win2K3 server. IIS runs on ythe
| Win2K3 server. I am about to install a Certificate Server on the Wn2K box
| (anr using "Windows" Certifcatesand then use it to service https requests.
|
| Has anyone of you come across/foresee problems with this setup?
|
| TIA
|
| Patrick
| |
| Patrick 2005-04-29, 8:05 am |
| Hi Jason,
Thanks for the post.
Yes, it will be used by the domain users only.
Will be there be any issues when it comes to upgrading the Windows 2000
server to Windows 2003? Most likely I will have to re-intslall the
Certificate Server, wouldn't I?
Also, in the event I need de-install Certificate Server from the Win2K box,
can I do that without disturbing the Active Directory?
Thanks heaps
Patrick
"Jason Brown [MSFT]" wrote:
> Depends what you're going to use them for. If you're using them internally,
> you can set your CA as a trusted root in your browsers, but if you want to
> use them on the net, you can't guarantee the issuer will be trusted by your
> clients. They'll get a warning box about that, but the SSL transactions will
> still work as long as they hit OK to trust...
>
>
> --
> Jason Brown
> Microsoft GTSC, IIS
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
> "Patrick" <Patrick@discussions.microsoft.com> wrote in message
> news:5A8B9EFD-C2E4-4CB6-BC51-2062CC1744AA@microsoft.com...
> | Hi All,
> |
> | We have a AD domain with a Win2K and a Win2K3 server. IIS runs on ythe
> | Win2K3 server. I am about to install a Certificate Server on the Wn2K box
> | (anr using "Windows" Certifcatesand then use it to service https requests.
> |
> | Has anyone of you come across/foresee problems with this setup?
> |
> | TIA
> |
> | Patrick
>
>
>
|
|
|
|
|