Browse by Tags

Tagged Content List
  • Wiki Page: Public Key Infrastructure Design Guidance

    Before you configure a Public Key Infrastructure (PKI) and certification authority (CA) hierarchy, you should be aware of your organization's security policy and certificate practice statement (CPS). If your organization does not have such policy statements, you should consider creating them. For more...
  • Wiki Page: How to rename a Certificate Authority

    Applies to: Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, and Windows Server 2012 Certification Authority Naming Rules The certification authority (CA) name should never be the same as the server's computer name (NetBIOS or DNS / hostname). If you use non-Latin characters...
  • Wiki Page: Active Directory Certificate Services (AD CS): Error: "In order to complete certificate enrollment, the Web site for the CA must be configured to use HTTPS authentication"

    After you install Certification Authority Web Enrollment pages, clients may see a warning message indicating that HTTPS must be used. Table of Contents Error Cause Resolution Implementing SSL on a Web site in the domain with an Enterprise CA Configure an appropriate certificate template for SSL...
  • Wiki Page: CA Certificate shows Unknown Error for a subordinate CA in Enterprise PKI (PKIView.msc)

    Applies to all Windows operating system versions capable of running Enterprise PKI (PKIView) In a multitier PKI hierarchy, such as a two-tier or three tier PKI, the Enterprise PKI application will display "Unknown Error" for the CA certificate of a subordinate certification authority...
  • Wiki Page: Asking questions or providing feedback about AD CS or PKI content

    You can ask technical questions about AD CS, PKI, or provide feedback about a document on the Security Forum. Please, remember to search the forum for your answer or issue before creating a new post. If you are providing feedback about a specific document, please, begin your forum post with Content...
  • Wiki Page: AD CS and PKI Step-by-Steps, Labs, Walkthroughs, HowTo, and Examples

    This article is an evolving collection of Active Directory Certificate Services (AD CS) and Public Key Infrastructure (PKI) step-by-step information. The links in this article should take you to places where you can perform or see the actual steps for deploying or administering a PKI using AD CS. ...
  • Wiki Page: Reduce the Operational Risk When Defending the Open Network with Microsoft PKI

    Table of Contents Introduction Protecting an Open Network Limitations of Traditional Network Security Security Solution Requirements Solution: Microsoft PKI How Microsoft PKI Works Certificate services IPSec support Encrypted e-mail communication Wireless security Centralized management features Scenarios...
  • Wiki Page: Troubleshooting PKI Problems on Windows

    Other Resources Security Developer Center Cryptography Topics on MSDN Follow us on Twitter CAPI2 Diagnostics is a feature first introduced in Microsoft® Windows® Vista. This feature provides administrators with an ability to troubleshoot PKI problems by collecting detailed...
  • Wiki Page: Windows XP: Certificate Status and Revocation Checking

    Applies To Windows XP Currently this Applies to Windows XP only. The article How Certificate Revocation Works applies to Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. The goal is to integrate the two articles here in the future. Table of Contents Introduction...
  • Wiki Page: How to Generate a Self-Signed Certificate Using PowerShell

    Overview There may come a time when a certificate is needed for testing purposes, and a certification authority (CA) is not readily available. The sample script below provides the following: -Self-signed certificates in the Local Machine Personal store -2048 length private keys marked exportable...
  • Wiki Page: Active Directory Certificate Services Performance Reports

    When IT professionals are designing a public key infrastructure (PKI) and deploying certification authorities (CA), a common question to ask is "What type of performance can I expect?" Of course, this is a difficult question to answer because the actual performance of the computer, the...
  • Wiki Page: Implementing Certificate Enrollment Web Services in Windows Server® 2012 That Uses an Issuing CA With Spaces in the Name

    In Windows Server 2012, if you implement Certificate Enrollment Web Services to target an Issuing certification authority (CA) that has spaces in the name, some additional configuration is required: You must modify the URI in the Application Settings for the Certificate Enrollment Web Services...
  • Wiki Page: AD DS Site Awareness for AD CS and PKI Clients

    Table of Contents Enabling site awareness on a CA Client selection of a CA Applies to Windows® 8 and Windows Server® 2012 Certificate services in Windows® 8 and Windows Server® 2012 can be configured to utilize Active Directory Domain Service (AD DS) sites to help optimize certificate services...
  • Wiki Page: Large CRLs: What is Added to a Certificate Revocation List (CRL)?

    This article discusses the reasons a certificate revocation list (CRL) can become large. The contents of this article include the following: Table of Contents What makes large CRL? Additional References What makes large CRL? There is really one item that makes the CRL grow: revoked certificates...
  • Wiki Page: Certificates Help

    This topic extends the help provided for certificates in Windows. Table of Contents Certificate Path Validation Settings Stores tab Trusted Publishers tab Network Retrieval tab Revocation tab Domain Group Policy Credential roaming Certificate autoenrollment Certificate path validation Certificate...
  • Wiki Page: Test Lab Guide: Converting a Single-Tier PKI CA Hierarchy to a Two-Tier PKI Hierarchy

    Under construction: This guide is a work in progress and is not complete. The original author will remove this note when the guide is ready for use. Applies to Windows Server 2008 R2, Windows 7 **** NEED TO INCORPORATE ADVICE FROM http://blogs.technet.com/b/pki/archive/2012/01/27/steps-needed...
  • Wiki Page: AD: Certification Authority Web Enrollment Configuration Failed 0x80070057 (WIN32: 87)

    Table of Contents Error Cause Resolution Error If you run into the following error when trying to install CA Web Enrollment after migrating or restoring a CA: Certification Authority Web Enrollment: Configuration Failed Active Directory Certificate Services setup failed with the following...
  • Wiki Page: Running AD CS on Server Core

    Applies to Windows Server 2012 RC There are several changes from earlier operating systems regarding the installation of roles on Server Core. For example, you can install and configure Windows Server 2012 RC using the graphical user interface (GUI) and then switch to the Server Core option. You...
  • Wiki Page: Active Directory Certificate Services SMTP Exit Module for Windows Server 2008 R2 Example

    The following is a Windows Server 2008 and Windows Server 2008 R2 version of the SMTP Exit Module posted at http://technet.microsoft.com/en-us/library/cc773129(WS.10).aspx Sample Configuration Batch File The following batch file can be used as a sample to configure the SMTP exit module...
  • Wiki Page: Step by Step Guide - Single Tier PKI Hierarchy Deployment

    The purpose of this Step-by-Step Guide is to enable you to create a single-tier public key infrastructure (PKI) hierarchy using Windows Server® 2008 R2 Active Directory Certificate Services (AD CS). This guide contains instructions for installation/configuration of Windows Server 2008 R2 Enterprise...
  • Wiki Page: AD CS Remote Server Management

    Applies to: Windows Server 2012 RC There are multiple methods for managing AD CS remotely using the following built-in tools and methods: Remote Server Administration Tools for Windows 8 Remote Server Administration Tools for Windows Server 2012 In Server Manager, click Manage, and...
  • Wiki Page: Errata in Windows Server® 2008 PKI and Certificate Security from MS Press

    This article has been created in response to customer issues that have been brought up to Microsoft Support, forums, and other community connection points. The official location to submit errata for the Windows Server® 2008 PKI and Certificate Security book by Brian Komar is on the O'Reilly Web...
  • Wiki Page: Hardware Security Module (HSM)

    A hardware security module (HSM) is a hardware encryption device that's connected to a server at the device level, typically using PCI, SCSI, serial, or USB interfaces. An HSM is a dedicated hardware device that is managed separately from the operating system. These modules provide a secure hardware...
  • Wiki Page: AD CS PKI Design

    Active Directory Certificate Services (AD CS) Public Key Infrastructure (PKI) Design Guide The Windows Server® product line provides a variety of secure applications and business scenarios based on the use of digital certificates. Before you can use digital certificates, however, you need to design...
  • Wiki Page: Offline Root Certification Authority (CA)

    A root certification authority (CA) is the top of a public key infrastructure (PKI) and generates a self-signed certificate. This means that the root CA is validating itself (self-validating). This root CA could then have subordinate CAs that effectively trust it. The subordinate CAs receive a certificate...
Page 2 of 3 (64 items)