Digital Certificates
From: Tony Su (anonymous_at_discussions.microsoft.com)
Date: 05/13/04
- Next message: MS Newbie: "RE: Problems with VPN -- Please Help!!"
- Previous message: PY Wong: "Re: Privacy concerns when redirecting my document folders to the server"
- In reply to: Adam Hugo: "Digital Certificates"
- Next in thread: Steve Foster [SBS MVP]: "Re: Digital Certificates"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 13 May 2004 06:19:12 -0700
>From what I've seen, I don't see how the certificates
generated by the CEICW can be verified (although maybe
someone might describe something I've missed).
Consider what purpose you wish to use your certificates.
If you wish to secure email, you only need to issue
certificates, you do not need to publicly verify the
certificate, it's a private mutual exchange of
certificates between the two parties only.
If you want to set yourself up as a public CA where you
verify the identity of a webserver or client through PKI,
you will probably need to install Certificate Server,
publish it and modify the entry which describes how your
Certificate Server is to be identified on the Internet.
I describe how to install Certificate Server in my "Web
Publishing Companyweb" paper so you can issue any number
of certificates for any need you might have.
You would also publish your CA by either modifying your
OwA Web Publishing Rule or creating a new rule.
The instructions for modifying your CA for its Internet
name is in the help files and KB.
If your Users are configured to trust your private CA,
they will not see the popup warnings you often see today
in SBS (which, by the way IMO is a serious security issue
people are not paying enough attention to).
Tony Su
>-----Original Message-----
>I've been asked by one of our users if it's possible to
have a digital
>certificate without paying for it. I know it will be
untrusted and will
>prompt people because of that and have warned him of this.
>
>I've had a look at the certificates bit on the server and
have figured out
>issuing certificates. My question is how do I make the
verification service
>available over the net, so that if people choose to trust
the issuing
>authority the authenticity of a certificate can be
verified?
>
>Running SBS 2003 Premium with ISA installed.
>
>Thanks for any assistance you can give me.
>
>
>
>Adam
>
>
>.
>
- Next message: MS Newbie: "RE: Problems with VPN -- Please Help!!"
- Previous message: PY Wong: "Re: Privacy concerns when redirecting my document folders to the server"
- In reply to: Adam Hugo: "Digital Certificates"
- Next in thread: Steve Foster [SBS MVP]: "Re: Digital Certificates"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
