Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows 2000 Certificate Authority By Saunders Roesser.

Published byJoseph Rich Modified over 8 years ago

Similar presentations

Presentation on theme: "Windows 2000 Certificate Authority By Saunders Roesser."— Presentation transcript:

1 Windows 2000 Certificate Authority By Saunders Roesser

2 What is a Certificate Authority (CA)? Straight from Microsoft: “A certification authority is a service that issues the certificates needed to run a public key infrastructure. The CA could be an external commercial CA, or it could be a CA run by your company. The certificates enable a user to log on using a smart card, send encrypted e-mail, code-sign documents, and more. Since a CA is an important trust point in an organization, most organizations will have their own CA. “

3 Types of MS Certificate Authorities Enterprise CA Stand Alone CA

4 Enterprise CA An enterprise CA is used with a Windows 2000 domain and Active Directory Services. Requires entries of user in Active Directory in order to request certificate. Can be used in logon security. Two subclasses: –Root –Subordinate

5 Standalone CA For issuing certificates to users or computers outside a Windows 2000 domain. Cannot be used for logon security. Two subclasses: –Root –Subordinate

6 CA Organization CAs are organized into a hierarchy One root trust point. Subordinates are trusted because the root node is trusted. You can have more then one Enterprise CA in an active directory domain. As well as you can mix standalone CAs with enterprise ones.

7 Enterprise CA requirements Windows 2000 Server Windows 2000 DNS Active Directory Services Administrative Rights Can be installed on a domain controller or domain member computer.

8 Standalone CA Requirements Windows 2000 Server Local Administrative Rights

9 The Actual Setup Concerned with Enterprise CA setup First, you need administrative rights in the already established Active Directory.

10 The Install Use the “Add/Remove Programs” control panel. Click “Add/Remove Windows Components” Check “Certificate Services”. Also check IIS if you wish to use the web based components (if it isn't already checked).

11

12 Install continued.. Specify the Type of CA: –If Active Directory is not installed, you can only install a stand alone Certificate Authority. –If an Active Directory is detected, the Enterprise root CA option is selected if there are no CAs already registered in the Active Directory. –If there are CAs registered in the Active Directory, the Enterprise subordinate CA option is selected.

13 Install Continued Choose Length Keys to generate: –384 bit to 16384 bit Used Existing Keys? Set the CA name (common name) Valid for time (how long till the root certificate expires) Install Location options, including shared folders.

14 Install continued. If IIS is installed, it is required to restart, to install Certificate Services on the web server. Options to install a Commercial certificate. That’s it.

15 Remove CA If you wish to uninstall a CA, just go to “Add/Remove Programs” then “Add Windows Components” and uncheck the box for “Certificate Services”

16 How to Administrate a CA Used the Certificate Authority Administrative Tool.

17

18 Administrating From the Administrative Tool, you can: –Issue New Certificates –Revoke Certificates –See Pending Requests –Failed Requests –Policy Settings

19

20

21

22

23 Common Uses Certificate for Dial-in Users Encrypted/Non-repudiation emails Encrypted File System Web Server VPN support

24 IIS Certificate Install Want to make your website do SSL? Install a certificate.

25

26

27

28

29

30

31

32 CA Web Services http://localhost/certsrv Can create certificates for clients

33

34

35 Active Directory

36 Certificate Authority Questions? Comments?

Download ppt "Windows 2000 Certificate Authority By Saunders Roesser."

Similar presentations

Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.

Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.
Planning a Public Key Infrastructure

Planning a Public Key Infrastructure
Windows 2003 Server. Windows 2003 Server Contents Fitur Windows 2003 Server Installation And Configuration Windows Management Resource  User Management.

Windows 2003 Server. Windows 2003 Server Contents Fitur Windows 2003 Server Installation And Configuration Windows Management Resource  User Management.
Deploying and Managing Active Directory Certificate Services

Deploying and Managing Active Directory Certificate Services
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Module 10: Troubleshooting Network Access. Overview Troubleshooting Network Access Resources Troubleshooting LAN Authentication Troubleshooting Remote.

Module 10: Troubleshooting Network Access. Overview Troubleshooting Network Access Resources Troubleshooting LAN Authentication Troubleshooting Remote.
15.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.

15.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.
Chapter 9 Deploying IIS and Active Directory Certificate Services

Chapter 9 Deploying IIS and Active Directory Certificate Services
Installation and Deployment in Microsoft Dynamics CRM 4.0

Installation and Deployment in Microsoft Dynamics CRM 4.0
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Intel Confidential 1 Configure PKI Web Server Certificates for each Management Controller.

Intel Confidential 1 Configure PKI Web Server Certificates for each Management Controller.
WSU A Symphony in Four Movements. A Century of Controlled Flight.

WSU A Symphony in Four Movements. A Century of Controlled Flight.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
Chapter 11: Active Directory Certificate Services

Chapter 11: Active Directory Certificate Services
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Virtual Private Network (VPN) © N. Ganesan, Ph.D..

Virtual Private Network (VPN) © N. Ganesan, Ph.D..

Similar presentations

Ads by Google