Cross Certification Windowes 2008 - Version 3 Certificate?
Hi, We have just merged with organisation X who have a Windows 2003 PKI. One Forest is a Windows 2003 Forest and the ours is a Windows 2008 running a 2008 PKI. There is a cross Forest two way trust. What I want to do is to do a Cross Certification between our Issuing CA and their Root to glue the PKI's together, the reason for this is that I don't want to re-issue thousands of Organisation X user certificates (not at the moment anyway). I think this is the best way to go but would appriciate any feedback or comments. Some things are puzzling me though and would appriciate some help: (1) Organisation X's root is a Windows 2003 server, By applying the SHA2 Hotfix (kb968730) their root will be able to support SHA256? (2) If their root has the hotfix (mentioned above) then can I create a Version 3 certificate (to support SHA256) for the Qualified Subordination Certificate and Cross Certification Authority? (3) In the CSP provider, I assume I can select the HSM Vendor as the CSP?
November 2nd, 2010 7:35am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics