RE: PKI
- From: briandel@xxxxxxxxxxxxxxxxxxxx (Brian Delaney [MSFT])
- Date: Wed, 28 Mar 2007 03:12:11 GMT
Hi,
There's really not enough information here. How exactly are you using PKI
for remote access? Do all the users have their own certificate? Are you
using smart cards?
Generally speaking the quickest way to move to a new PKI is to plan and
build the new PKI and reissue all certs from the new CA. If you are
looking for an easier way then run the two roots at the same time using the
new PKI for all new/renewed certs while the old PKI only to republish CRLs,
revoke certs, etc.
Either way, spend some serious time planning the new PKI to ensure you get
it right. Check out www.microsoft.com/pki. Also, I'd recommend engaging
one of the groups at Microsoft to review and assist you with your PKI
design and implementation.
Hope this helps,
Brian Delaney
Microsoft Canada
--
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
Thread-Topic: PKIcert.
thread-index: Acdta3EoKvwrkptoQZyDxagr1tELEg==
X-WBNR-Posting-Host: 207.46.19.168
From: =?Utf-8?B?cC5v?= <po@xxxxxxxxxxxxxxxxxxxxxxxxx>
Subject: PKI
Date: Fri, 23 Mar 2007 09:51:03 -0700
Hi
I've instaled enterprise root ca, and remote access authenticated via
I want to implement PKI from the beginig. What should I do to preserveremote
acces.in
I plans to install root ca and one subordinate. Could work two root ca's
organization.
Could you give me some advice how to implement PKI.
.
- Prev by Date: RE: CA Client Certificates only expire in one years time
- Next by Date: RE: GPO What is going on???
- Previous by thread: Can not rename file using the word site / 'site' / "site".
- Next by thread: RE: PKI
- Index(es):
Relevant Pages
|
