Hi. I set up an enterprise CA (root and simultaneously issuing CA). By accident, the distiguished name is sth like CN = MyCA O = MyOrg C = us which of course occurs in the issued certificates including the self signed root certificate. Apparently, some applications have a problem with the "us" in small letters appearing in the issued self signed root certificate. I think the RFC says it must be big letters. Is there a chance to reconfigure this to C= "US" and issue a new root certificate? I know I will have to re-deploy issued certificates and revoke the exiting ones. Thanks in advance Stef

the only way is to re-setup AD CS role.My weblog: http://en-us.sysadmins.lv PowerShell PKI Module: http://pspki.codeplex.com

the only way is to re-setup AD CS role. My weblog: http://en-us.sysadmins.lv PowerShell PKI Module: http://pspki.codeplex.com Besides what Vadims said, you also need to do a full CA decommission from Active Directory: http://support.microsoft.com/kb/889250.// Fredrik "DXter" Jonsson - http://www.poweradmin.se