Browse by Tags

Tagged Content List
  • Wiki Page: Active Directory Certificate Services (AD CS) Public Key Infrastructure (PKI) Frequently Asked Questions (FAQ)

    AD CS PKI FAQ Table of Contents AD CS PKI FAQ Where should I post my AD CS questions? Which blogs should I follow for AD CS? Where can I find more information about AD CS Events in the Event Viewer? What are the changes for AD CS between Windows Server 2008 and Windows Server 2008 R2? Will you post...
  • Wiki Page: Test Lab Guide Mini-Module: Cross-Forest Certificate Enrollment using Certificate Enrollment Web Services

    Applies to Windows Server 2012 and Windows 8 Table of Contents Prerequisites Configuration Install and configure Litwareinc.com Install the operating system on Litwareinc-DC1 Configure the TCP/IP properties on Litwareinc-DC1 Configure Litwareinc-DC1 as a domain controller and DNS server Create a user...
  • Wiki Page: Active Directory Certificate Services PKI - Key Archival and Management

    Applies to Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, and Windows Server 2012. This article describes best practices and provides procedures for key archival and recovery operations with certification authorities (CAs) in Active Directory® Certificate...
  • Wiki Page: Windows Server 2012 Active Directory Certificate Services (CA) Kurulumu TR-tr

    Merhaba.Windows Server 2012 Directory Services ile ilgili makalelerimize devam ediyoruz.Bu bölümde, Active Directory Domain Services ile entegre olarak çalışan Active Directory Certificate Services’ı açıklayıp, kurulumunu gerçekleştireceğiz. Active Directory Certificate Services, yazılım güvenlik...
  • Wiki Page: Credential Roaming

    NOTE: This document is being updated for Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 Applies to Windows Server 2003 SP1, Windows Server 2003 R2, Windows XP SP2, Windows Server 2008, Windows Vista Credential roaming does not apply to Windows RT devices...
  • Wiki Page: Network Device Enrollment Service (NDES) in Active Directory Certificate Services (AD CS)

    The Network Device Enrollment Service (NDES) is one of the role services of the Active Directory Certificate Services (AD CS) role. It implements the Simple Certificate Enrollment Protocol (SCEP). SCEP defines the communication between network devices and a Registration Authority (RA) for certificate...
  • Wiki Page: AD CS: Certificate Authority installation fails: "Provider could not perform the action since the context was acquired as silent. 0x80090022 (-2146893790)"

    Table of Contents Symptom Cause Resolution Symptom Certificate Authority installation fails: "Provider could not perform the action since the context was acquired as silent. 0x80090022 (-2146893790)" Cause Check the CA registry for the following value...
  • Wiki Page: Certificate Chaining Engine (CCE)

    Applies to: Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 Often the certificate path/revocation checking issues that certification authority (CA) admins encounter are caused by invalid CDP ( CRL Distribution Point ) or AIA ( Authority Information Access ) configuration. This article...
  • Wiki Page: Active Directory Certificate Services (AD CS) PowerShell Examples

    Examples of what you can do with Active Directory PowerShell related to certificate management in Active Directory Certificate Services (AD CS) Table of Contents Update User Certificates View User Certificates Installing AD CS with Install-AdcsCertificationAuthority Additional Resources Update...
  • Wiki Page: Configure SSL/TLS on a Web Site in the Domain with an Enterprise CA

    There are many web (HTTP) services that require secure sockets layer (SSL) / transport layer security (TLS). If you have an Windows Server-based Enterprise Certification Authority (CA), you can use the following instructions to get an SSL certificate configured for an Internet Information Services...
  • Wiki Page: Active Directory Certificate Services (AD CS) Clustering

    Table of Contents Applies To: Scope Windows Versions That Support Certificate Services Clustering Cluster Requirements Supported Deployment Scenarios Preparing the CA Cluster Environment Installing the Operating System on Cluster Nodes Setting Up a Shared Storage Configuring a Network HSM Installing...
  • Wiki Page: Public Key Infrastructure Design Guidance

    Before you configure a Public Key Infrastructure (PKI) and certification authority (CA) hierarchy, you should be aware of your organizations security policy and certificate practice statement (CPS). If your organization does not have such policy statements, you should consider creating them. For more...
  • Wiki Page: How to rename a Certificate Authority

    Applies to: Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, and Windows Server 2012 Certification Authority Naming Rules The certification authority (CA) name should never be the same as the server's computer name (NetBIOS or DNS / hostname). If you use non-Latin characters...
  • Wiki Page: Active Directory Certificate Services (AD CS): Error: "In order to complete certificate enrollment, the Web site for the CA must be configured to use HTTPS authentication"

    After you install Certification Authority Web Enrollment pages, clients may see a warning message indicating that HTTPS must be used. Table of Contents Error Cause Resolution Implementing SSL on a Web site in the domain with an Enterprise CA Configure an appropriate certificate template for SSL...
  • Wiki Page: Creating a certificate template that includes the Microsoft Platform Crypto Provider on a CA with no TPM

    Applies to Windows Server 2012 R2 Preview, Windows Server 2012, Windows 8, and Windows 8.1 Preview Windows 8 and Windows Server 2012 Certificate Authority support the use of Trusted Platform Modules (TPMs) to secure certificate keys. A key storage provider (KSP) named the “Microsoft Platform...
  • Wiki Page: Certutil Examples for Managing Active Directory Certificate Services (AD CS) from the Command Line

    Applies to: Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 Certutil.exe is a command-line program that is installed as part of Active Directory Certificate Services (AD CS). You can use Certutil.exe to dump and display certification...
  • Wiki Page: How to Configure a Static DCOM Port for AD CS

    Table of Contents To configure the Active Directory Domain Services (AD CS) certification authority (CA) service (CertSvc) to listen on a static DCOM port If you also want to disable the RPC Interface on the computer running the CertSvc Additional information To configure the Active Directory Domain...
  • Wiki Page: AD CS and PKI Step-by-Steps, Labs, Walkthroughs, HowTo, and Examples

    This article is an evolving collection of Active Directory Certificate Services (AD CS) and Public Key Infrastructure (PKI) step-by-step information. The links in this article should take you to places where you can perform or see the actual steps for deploying or administering a PKI using AD CS. ...
  • Wiki Page: Troubleshooting Certificate Autoenrollment in Active Directory Certificate Services (AD CS)

    These are the steps to troubleshoot autoenrollment problems. The basis for this article was produced by a veteran field troubleshooting engineer, Roger Grimes. The article assumes that certificates that a user or machine should be receiving automatically from an issuing CA server on the network are...
  • Wiki Page: Windows XP: Certificate Status and Revocation Checking

    Applies To Windows XP Currently this Applies to Windows XP only. The article How Certificate Revocation Works applies to Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. The goal is to integrate the two articles here in the future. Table of Contents Introduction...
  • Wiki Page: AD CS: How to Obtain a List of Certificate Templates that are Superceding other Certificate Templates

    Summary In environments where there are many certificate templates in Active Directory, you may have the need to view which certificate templates are superseding others, and utilizing the Certificate Templates MMC console is not an efficient option. An example of when you might need this data...
  • Wiki Page: Active Directory Certificate Services Performance Reports

    When IT professionals are designing a public key infrastructure (PKI) and deploying certification authorities (CA), a common question is to ask is "What type of performance can I expect?" Of course, this is a difficult question to answer because the actual performance of the computer, the...
  • Wiki Page: Incompatible with Windows Server 2008 Enterprise (Version 3 or V3) Certificate Templates

    This article applies to applications, operating systems, and devices that do not support version 3 (CNG) templates , which can be issued by Windows Server 2008 Enterprise and Datacenter editions as well as Windows Server 2008 R2 Standard, Enterprise, and Datacenter editions running Active Directory...
  • Wiki Page: Large CRLs: What is Added to a Certificate Revocation List (CRL)?

    This article discusses the reasons a certificate revocation list (CRL) can become large. The contents of this article include the following: Table of Contents What makes large CRL? Additional References What makes large CRL? There is really one item that makes the CRL grow: revoked certificates...
  • Wiki Page: Active Directory Certificate Services (AD CS) Overview

    Active Directory Certificate Services (AD CS) provides customizable services for issuing and managing public key infrastructure (PKI) certificates used in software security systems that employ public key technologies. The digital certificates that AD CS provides can be used to encrypt and digitally...
Page 1 of 2 (36 items) 12
Can't find it? Write it!