Hi, I am working FIM CM implementation. recently our company started using 3rd party CA. Now management wants us to intergrate the existing FIM CM to 3rd party CA. Could you help me to understand How we can intergrate FIM with 3rd party CA. This 3rd party CA has a XML interface which understand request in xml format. If anyone has done any work on this kind of case study please share your thoughts. Cheers, Kukudi

Hi, I am eargly wating for responce. Please share your thoughts? Cheers, Kukudi

I have not deployed any 3rd party CA instances for FIM CM. - I prefer to set up a Microsoft CA subordinate to a 3rd party CA (better integration) - The documentation absolutely sucks - Difficult to get support from the product group on this technology Here are some links that may be somewhat useful http://technet.microsoft.com/en-us/library/ee534894%28WS.10%29.aspx Unfortunately, the references from this page are circular (back to the page referenced above) Further, if you go into the developer referenced, you are linked to CLM references. Sigh.... Sorry I could not be of more assistance Brian

Thanks Brian, I was going thru the scenarion mentioned in above like which is somewhat similar to what i am looking for. I have Some technical questions like.. 1. I am not sure How the approved certificate request goes? 2. What should the .NET Assembly should have. Will it be possible to only have xml format which my 3rd party CA integration can understand? 3. How my responce certificate can be intergrated with FIM CM? 4. To build the Third party connector if i use Provisioing API how it is possible to update the CRL. I will appriciate if you could also help me to understand above mention questions. It will help me to develop the .NET Assembly. Cheers, Kukudi

Sorry, I am unable to provide you answers (not a developer) Hopefully someone from the product team will pick this thread up for you Brian

Hi, Anybody from product team...please share your thoughts... Kukudi

Hi, Trying to answer: 1. I am not sure How the approved certificate request goes? If you're reffering to the approval process in FIM CM then the experience is the same as in Microsoft CAs cases. 2. What should the .NET Assembly should have. Will it be possible to only have xml format which my 3rd party CA integration can understand? ICertificateServer implementation methods in your connector will be called by FIM CM and they are responsible for the communication (bridge) with your CA, so you'll have to convert to and from XML format. 3. How my responce certificate can be intergrated with FIM CM? 4. To build the Third party connector if i use Provisioing API how it is possible to update the CRL. The connector implements ICertificateServer.PublishCrl. A couple hints/links from the article mentioned above http://technet.microsoft.com/en-us/library/ee534894%28WS.10%29.aspx - you need to develop a connector to your CA implementing ICertificateServer interface http://msdn.microsoft.com/en-us/library/microsoft.clm.shared.certificateserver.icertificateserver.aspx - your connector needs to be added to CA list in FIM CM via clmutil -addca utility tool http://technet.microsoft.com/en-us/library/gg557559(v=ws.10).aspx Hope this helps. Mihail