Translate this site using Windows Live Translator:
Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » PKI   (RSS)

Updated Blog Post for How to Publish the CRL on a Separate Web Server – for Delta CRLs

[ Carol Bailey has updated her previous post "How to Publish the CRL on a Separate Web Server"] We've recently updated our blog post for publishing the CRL on a separate Web server because the instructions were missing the variable <DeltaCRLAllowed> Read More...
Posted Thursday, August 13, 2009 9:50 AM by Configuration Manager Team | 0 Comments
Filed under: ,

Recommended White Paper for Native Mode Customers: Deploying and Managing PKI inside Microsoft (Microsoft IT Showcase)

[ Carol Bailey gives us a recommendation for PKI reading material] Customers that are running Configuration Manager in native mode and support Internet-based client management might be interested in reading the following technical white paper that was Read More...
Posted Thursday, August 13, 2009 9:41 AM by Configuration Manager Team | 0 Comments
Filed under:

Recommendations for PKI Key Lengths and Validity Periods with Configuration Manager

[Today's post is provided by Carol Bailey ] I sometimes get questions from customers about values to set for the key sizes and validity periods for the certificates required for native mode and out of band management in Configuration Manager. This has Read More...
Posted Friday, June 12, 2009 10:29 AM by Configuration Manager Team | 6 Comments
Filed under: , ,

How to Publish the CRL on a Separate Web Server

[Today's post is provided by Carol Bailey ] By default, an issuing enterprise CA publishes its certificate revocation list (CRL) to locations within the forest. When you are using Internet-based client management with Configuration Manager, there are Read More...
Posted Friday, May 01, 2009 10:02 AM by Configuration Manager Team | 5 Comments
Filed under: ,

Resolving Certreq Errors: Key Size and User Permissions

[Today's post is provided by Carol Bailey ] I've openly admitted that I don't find the command-line utility, Certreq.exe, the easiest of the Certificate Services methods to use when it comes to deploying certificates for Configuration Manager native mode. Read More...
Posted Wednesday, April 29, 2009 11:13 AM by Configuration Manager Team | 1 Comments
Filed under: ,

How to Renew the Site Server Signing Certificate (Microsoft Certificate Services)

[Today's post is brought to you by Carol Bailey ] Have you tried to renew the existing site server signing certificate for a native mode site, and wondered how to do this without creating a new certificate? This post provides a procedure to do this that Read More...
Posted Wednesday, February 11, 2009 11:06 AM by Configuration Manager Team | 3 Comments
Filed under: , ,

How to Specify the Container Name on the Web Enrollment Page for Certificate Services

[Today's post is brought to you by Carol Bailey ] I'm going to share some information about an option on the Certificate Services advanced Web enrollment page, because I couldn't find it documented anywhere and it took me a long time to work it out. However, Read More...
Posted Monday, February 09, 2009 1:47 PM by Configuration Manager Team | 5 Comments
Filed under: ,

Deploying Certificates and Potential Timing Issues

[Today's post is contributed by Carol Bailey ] A number of certificate deployment issues I see are down to timing issues. Like other distributed systems with many moving parts, Microsoft Certificate Services often requires more time and patience to do Read More...
Posted Wednesday, February 04, 2009 1:31 PM by Configuration Manager Team | 7 Comments
Filed under: , ,

Does Configuration Manager Native Mode Have to Use a Single CA Hierarchy?

[Today's post is contributed by Carol Bailey ] We've seen this question come up a few times, and the simple answer is no - as long as the communicating computers have a trust in common, and the correct certificates are used, native mode works just fine. Read More...
Posted Wednesday, January 28, 2009 1:51 PM by Configuration Manager Team | 5 Comments
Filed under: , , ,

Can I Use a Public CA for Configuration Manager Native Mode?

[Today's post comes from Carol Bailey ] Many companies do not currently have their own public key infrastructure (PKI) with an issuing Certification Authority (CA) but still want to benefit from native mode and Internet-based client management - which Read More...
Posted Monday, January 26, 2009 12:17 PM by Configuration Manager Team | 7 Comments
Filed under: , , ,
 
Page view tracker