TLS/SSL certificate request question
Hi, I am deploying an application that requires certificate based authentication. I am wondering what option do I have for certificate request from the client side. I know openssl is on of them. If I use the certificate enrollment request wizard, do I have to set up a certificate server within the domain. Also, does all the clients that require the certificate has to be part of the domain too with the Windows CA server setup? Is there any other simpler way to generate TLS/SSL certificate request from Windows other than the above? Thanks
June 18th, 2010 6:05pm

Hi, Q1: If I use the certificate enrollment request wizard, do I have to set up a certificate server within the domain. Do you mean the certificate enrollment request wizard in the Certificate MMC? For client authentication, a internal CA would be the effective and costless way to deploy a PKI infrastructure. Q2: does all the clients that require the certificate has to be part of the domain too with the Windows CA server setup? Q3: Is there any other simpler way to generate TLS/SSL certificate request from Windows other than the above? Not essential. Non-domain clients can also easily request the certificate through CA web enrollment based on the permissions on the certificate template. The CA web enrollment page is a web page which is installed on IIS where clients can request their certificates via HTTP (HTTPS) other than certificate enrollment request wizard (RPC).
Free Windows Admin Tool Kit Click here and download it now
June 21st, 2010 5:40am

Thanks, We do have an internal CA server setup already, but it is linux based. The current certificate request process use openssl for Windows and it is kind of cumbersome. I am just wanting to find a easier way to request client certificate. So can I tied the Windows CA web enrollment to a non-Windows CA server?
June 21st, 2010 5:35pm

Hi, Sure. However, you will have to fill the fields such as host name in the certificate request.
Free Windows Admin Tool Kit Click here and download it now
July 6th, 2010 11:59am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics