Re: SSL for LDAP

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Yes, PKI is the best option. However, don't just install the certificate
services. Although this will work, you won't have the best setup. There's
quite a lot to a Windows PKI infrasructure and deployment. The
documentation on MSFTs site is great. Summarised, you need an offline root
CA and a subordinate enterprise CA (small setup).

http://technet2.microsoft.com/WindowsServer/en/library/091cda67-79ec-481d-8a96-03e0be7374ed1033.mspx?mfr=true

--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net

.

Relevant Pages

Re: SSL for LDAP
... Paul Williams wrote: ... There's quite a lot to a Windows PKI infrasructure and deployment. ... you need an offline root CA and a subordinate enterprise CA (small setup). ...
(microsoft.public.windows.server.active_directory)
Re: OpenVPN Setup
... Next, initialize the PKI. ... If you're trying to setup a CA for PKI, then you're not following the static key document: ... The directions assume you are running /bin/sh. ...
(freebsd-questions)
Stand-alone Root CA.
... I have a quick question on how to setup and implement PKI in my department. ... We wnated to start off for our Intranet IIS and might in the future added to ... I just need a quick how to step to compare to mine. ...
(microsoft.public.security)
Re: Port for PKI messages
... if you are just starting the setup of ... PKI - then unless the specific port is being listened to - the messages ... >>is there a static port defined for use to exchange the PKI messages or ...
(comp.security.misc)