Are there any non-Microsoft platforms that a Microsoft CA cannot issue an SSL certificate to?

can you be more specific? Since Windows CA is standard-conformant there should not be any issues with other platforms. However direct certificate request via web pages is restricted to platforms that can utilize XEnroll or CertEnroll functionality. RPC/DCOM enrollment is restricted to platforms that utilize MS-WCCE protocol specifications.My weblog: http://en-us.sysadmins.lv PowerShell PKI Module: http://pspki.codeplex.com

Vadims, I work for a large multi platform company that presently does not have a Microsoft PKI. If we were to implement ADCS, can the non-microsoft OS's (Unix, Linux, AS400, Apache, etc. etc. etc.) request and utilize ADCS SSL certificates? How? If an OS doesn't support XEnroll, CertEnroll or MS-WCCE how can they obtain a certificate? Can they simply generate a CSR and issue the request via web page from a Microsoft OS? Thanks, Paul

> Can they simply generate a CSR and issue the request via web page from a Microsoft OS? yes. Once you have generated a CSR you can use various methods to submit it to the CA server, like web pages, Certification Authority MMC snap-in or certreq.exe utility.My weblog: http://en-us.sysadmins.lv PowerShell PKI Module: http://pspki.codeplex.com

On Tue, 10 May 2011 08:11:35 +0000, Vadims Podans [MVP] wrote: > Can they simply generate a CSR and issue the request via web page from a Microsoft OS? > yes. Once you have generated a CSR you can use various methods to submit it to the CA server, like web pages, Certification Authority MMC snap-in or certreq.exe utility. You may also want to look into Venafi's Encryption Director - http://www.venafi.com/Products It solves a lot of problems surrounding management and deployment of certificates in a heterogenous environment. Note that I have no direct relationship with Venafi, I just happen to work in the industry and I think that they've got a great product. Paul Adare MVP - Identity Lifecycle Manager http://www.identit.ca Disc space -- the final frontier!