I want to apply a certificate to my Windows 2008 server and users who will be accessing resources on that server. What is the fastest way to do this? Setup the Online Responder? Use a GPO? Manually install the cert. on server and users? The online responder looks like it takes more work, and is more than I need, but need help deciding on whether to use it. GPO seems the fastest and best way to go. I can manually just click on the cert and install it as well, correct? What do you think?

You seem to be throwing buzzwords around fast and furious. Can you please describe more clearly what you are trying to accomplish: - What resource are you protecting with certificates - What protocol is used to connect to the resource - How are the clients connecting to the resource - How are the clients authenticating with the resource Brian

This is my first experience with Certificate Services and first time setup, so I am learning as I go. GOAL: I want to apply a certificate to my application server. Only clients in my domain will connect to this server. All clients are in the same forest and the same domain. My Certificate Services Servers are both Windows 2008 Enterprise R2 with SP1 in a 2008 AD environment. I am using a 2 tiered approach for Certificate Services. I have a RootCA in a stand-alone workgroup that I have created my RootCA. I created a request from my Issuing CS, on my domain, which was part of my initial setup of my issuing server. This request was copied over to my RootCA and signed then issued. I copied this .PB7 file back to my Issuing CS. I copied the RootCA certificate from my stand-alone server over to my domain, ran csutil -dspublish. I have imported my RootCA in Group Policy into my Trusted Certificates (In GPO Computer Configuration\Policies\Windows Settings\Security Settings\Public Policies\Trusted Root Certication Authorities.) I have duplicated the computer template and also began setting up a GPO to push the certificate to workstations when I am ready. How do I create the correct certificate to apply to may application server? Can I apply this to the application server and workstations/users accessing the server with a GPO and or a Template?

I have a server we run an application on. I want to apply the Root Certificate to this server. I want to apply the Root Certificate to my users and workstations that access this server. Would like to use a GPO to apply this.

What do you mean by Apply the root certificate to this server. You would not deploy the certificate and the private key from the root CA on an application server. - Are you requesting an SSL certificate from a root CA that you built? - Are the clients that connect to the server all part of the same forest? - Can you describe your PKI? These will help to provide an answer that works Brian