CA Mistake: C=us instead of C=US
Hi. I set up an enterprise CA (root and simultaneously issuing CA). By accident, the distiguished name is sth like
CN = MyCA
O = MyOrg
C = us
which of course occurs in the issued certificates including the self signed root certificate.
Apparently, some applications have a problem with the "us" in small letters appearing in the issued self signed root certificate. I think the RFC says it must be big letters.
Is there a chance to reconfigure this to C= "US" and issue a new root certificate? I know I will have to re-deploy issued certificates and revoke the exiting ones.
Thanks in advance
Stef
May 19th, 2011 1:50pm
the only way is to re-setup AD CS role.My weblog: http://en-us.sysadmins.lv
PowerShell PKI Module: http://pspki.codeplex.com
Free Windows Admin Tool Kit Click here and download it now
May 19th, 2011 3:34pm
the only way is to re-setup AD CS role.
My weblog: http://en-us.sysadmins.lv
PowerShell PKI Module: http://pspki.codeplex.com
Besides what Vadims said, you also need to do a full CA decommission from Active Directory:
http://support.microsoft.com/kb/889250.// Fredrik "DXter" Jonsson - http://www.poweradmin.se
May 19th, 2011 5:33pm