Re: SSL for LDAP

Tech-Archive recommends: Speed Up your PC by fixing your registry

Yes, PKI is the best option. However, don't just install the certificate
services. Although this will work, you won't have the best setup. There's
quite a lot to a Windows PKI infrasructure and deployment. The
documentation on MSFTs site is great. Summarised, you need an offline root
CA and a subordinate enterprise CA (small setup).

http://technet2.microsoft.com/WindowsServer/en/library/091cda67-79ec-481d-8a96-03e0be7374ed1033.mspx?mfr=true

--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net

.

Relevant Pages

Re: SSL for LDAP
... Paul Williams wrote: ... There's quite a lot to a Windows PKI infrasructure and deployment. ... you need an offline root CA and a subordinate enterprise CA (small setup). ...
(microsoft.public.windows.server.active_directory)
Stand-alone Root CA.
... I have a quick question on how to setup and implement PKI in my department. ... We wnated to start off for our Intranet IIS and might in the future added to ... I just need a quick how to step to compare to mine. ...
(microsoft.public.security)
Re: Port for PKI messages
... if you are just starting the setup of ... PKI - then unless the specific port is being listened to - the messages ... >>is there a static port defined for use to exchange the PKI messages or ...
(comp.security.misc)