Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
AD recognition of local CA
0 views
Skip to first unread message
yba02
Sep 22, 2006, 3:48:02 PM9/22/06
to
Hi,
In a 2k3 AD, I installed a local CA and it seems it works fine. However,
when I asked my defautl web site of Exchange 2k3 IIS to request a certificate
, the second option that reads something like "request a certificate from an
online certification authority and send request immediately" was dimmed. I
understand that this is so because AD still does not recognize its neighbour
CA. If a mistake has happened to stop AD from recognizing the CA, how to
correct that? How to make the AD recognize the CA so that my Exchange IIS
also recognize the CA, which actually resides on Exchange itself (single
server)?
Thanks
Yba
In a 2k3 AD, I installed a local CA and it seems it works fine. However,
when I asked my defautl web site of Exchange 2k3 IIS to request a certificate
, the second option that reads something like "request a certificate from an
online certification authority and send request immediately" was dimmed. I
understand that this is so because AD still does not recognize its neighbour
CA. If a mistake has happened to stop AD from recognizing the CA, how to
correct that? How to make the AD recognize the CA so that my Exchange IIS
also recognize the CA, which actually resides on Exchange itself (single
server)?
Thanks
Yba
Brian Komar [MVP]
Sep 22, 2006, 4:05:21 PM9/22/06
to
In article <100B7FE6-87B8-4042...@microsoft.com>, yba02
@discussions.microsoft.com says...How did you set up the CA? To send directly to an online CA, the CA must
be installed as an enterprise CA and the Web Server certificate template
must be available. If you installed, as I suspect, a CA with a
standalone policy, then what you experienced is expected.
Brian
@discussions.microsoft.com says...
be installed as an enterprise CA and the Web Server certificate template
must be available. If you installed, as I suspect, a CA with a
standalone policy, then what you experienced is expected.
Brian
yba02
Sep 22, 2006, 6:36:01 PM9/22/06
to
Hi,
Thanks. Indeed yes, I installed it as a stand alone CA. And now, I think I
will just remove it and install the CA again as Enterprise. What is that KB
for removing a CA from AD, Server 2k3 please.
Thanks
Yba
Thanks. Indeed yes, I installed it as a stand alone CA. And now, I think I
will just remove it and install the CA again as Enterprise. What is that KB
for removing a CA from AD, Server 2k3 please.
Thanks
Yba
CipherTeKST
Sep 24, 2006, 3:03:01 AM9/24/06
to
Instead of just removing stand-alone CA from your WinSrv2k3 I would suggest
you backup your existing key pairs then migrating the server to Enterprise
CA. Here is a link on how to do this.
you backup your existing key pairs then migrating the server to Enterprise
CA. Here is a link on how to do this.
Goodluck!
--
CipherTeKST
MCSE: Security 2003, CCNA, Security+
Brian Komar [MVP]
Sep 24, 2006, 11:29:57 AM9/24/06
to
In article <6A2BEF5C-A3CA-477B...@microsoft.com>, yba02
@discussions.microsoft.com says...
> Hi,
> Thanks. Indeed yes, I installed it as a stand alone CA. And now, I think I
> will just remove it and install the CA again as Enterprise. What is that KB
> for removing a CA from AD, Server 2k3 please.
> Thanks
> Yba
>
Here it is, but come on... you could of searched for this one
yourself...
http://support.microsoft.com/kb/889250/en-us
Brian
@discussions.microsoft.com says...
> Hi,
> Thanks. Indeed yes, I installed it as a stand alone CA. And now, I think I
> will just remove it and install the CA again as Enterprise. What is that KB
> for removing a CA from AD, Server 2k3 please.
> Thanks
> Yba
>
yourself...
http://support.microsoft.com/kb/889250/en-us
Brian
yba02
Sep 24, 2006, 3:49:01 PM9/24/06
to
Hi,
Thanks.
Indeed this reply, even highly appreciated, came a bit late as I have
already got the KB and now I have an Enterprise Local CA. Thanks again.
Yba
Thanks.
Indeed this reply, even highly appreciated, came a bit late as I have
already got the KB and now I have an Enterprise Local CA. Thanks again.
Yba
0 new messages