Configuring the Certificate Authority

The Certification Authority snap-in is used, either in the Server Manager or the MMC, to configure and manage the CA. To open the Certification Authority snap-in running in the MMC, click Start, Administrative Tools, Certification Authority. Figure 22.9 shows the Certification Authority snap-in running in the MMC.

Figure 22.9. The Certification Authority snap-in.

The Certification Authority snap-in provides you with access to the certificate server’s properties and enables you to view certificates that have been revoked or issued, certificates that are pending, and certificate requests that have failed. These different certificate nodes in the snap-in can be used to view actual certificates and manage certificates (such as revoking certificates, as discussed later in the hour).

The snap-in also enables you to list and view the default certificate templates that are provided. These certificate templates include Domain Controller, Web Server, Computer, and User certificate templates. Certificates can be assigned to users, computers, and even computer services.

By the Way

Certificate Services is an advanced Windows Server 2008 feature that is usually used in conjunction with Group Policy and other Windows security features, such as IPSec, to secure the domain. Manipulating certificate templates is beyond the scope of this book. However, to get your feet wet working with certificate templates, open the Certificate Templates snap-in by expanding the CA server node in the Server Manager. You can duplicate any of the existing templates and change the properties of the copies as you require. You can then delete any of these copies after you are finished experimenting with them.

To view (and edit, if necessary) the properties for your certificate server, right-click the CA icon in the tree of the snap-in and select Properties from the shortcut menu. The CA Properties dialog box opens (see Figure 22.10).

Figure 22.10. The CA Properties dialog box.

The Properties dialog box consists of 10 tabs:

By the Way

The various certificate templates provided in the Certificate Templates snap-in (open in the Server Manager by expanding the AD CS node) can easily be duplicated. In fact, it’s a good idea to work with duplicates because it enables you to fine-tune the settings for that particular certificate template (by accessing the Properties for that template). You must then add any “new” templates that you create (by duplicating provided templates and changing the properties) to the CA. In the CA snap-in (in the Server Manager or the MMC), right-click the Certificate Templates node. On the shortcut menu, point at New and then click Certificate Template to Issue. The Enable Certificate Templates dialog box opens. Select the certificate template you want.
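After experimenting with duplicated templates, it is worth checking which templates the CA is actually set to issue. The following PowerShell sketch is an added example, not part of the original text: it parses the output of certutil -CATemplates and compares it with an approved list. The approved list, the sample lines, and the function names are constructed for illustration, and the parser assumes the "ShortName: Display Name -- ..." line layout that certutil prints.

```powershell
# Added example: report templates the CA issues that are not on an approved list.
# Function names, $approved and $sample are hypothetical and constructed for illustration.

function Get-IssuedTemplateName {
    param([string[]]$CertutilLines)
    foreach ($line in $CertutilLines) {
        # Template lines start with the template short name followed by a colon.
        # The final "CertUtil: ... command completed" status line is skipped.
        if ($line -match '^(?<name>[^:\s]+):\s' -and $Matches['name'] -ne 'CertUtil') {
            $Matches['name']
        }
    }
}

function Compare-IssuedTemplate {
    param([string[]]$Issued, [string[]]$Approved)
    # Unexpected: published on the CA but never approved (for example, a
    # forgotten experimental copy). Missing: approved but not published.
    New-Object PSObject -Property @{
        Unexpected = @($Issued   | Where-Object { $Approved -notcontains $_ })
        Missing    = @($Approved | Where-Object { $Issued   -notcontains $_ })
    }
}

# Constructed sample of certutil -CATemplates output, so the script runs offline.
$sample = @(
    'User: User -- Auto-Enroll: Access is denied.',
    'WebServer: Web Server -- Auto-Enroll: Access is denied.',
    'CopyofWebServer: Copy of Web Server -- Auto-Enroll: Access is denied.',
    'CertUtil: -CATemplates command completed successfully.'
)

# On the CA server itself, use live output instead of the sample:
#   $lines = certutil -CATemplates
$lines    = $sample
$approved = @('User', 'WebServer', 'Machine')   # constructed approved list

$result = Compare-IssuedTemplate -Issued (Get-IssuedTemplateName $lines) -Approved $approved

foreach ($name in $result.Unexpected) {
    Write-Output "Unexpected template published on CA: $name"
}
foreach ($name in $result.Missing) {
    Write-Output "Approved template not published on CA: $name"
}
```

A template reported as unexpected can be removed from the CA by right-clicking it under the Certificate Templates node in the CA snap-in and choosing Delete; this stops the CA from issuing it without deleting the template itself.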

When you have completed viewing and editing the configuration settings for the CA, click OK. You are returned to the Certification Authority snap-in.

