Constraints: what they are and how they’re used
First published on TECHNET on Mar 05, 2014Hey everyone this is Wes Hammond from Premier Field Engineering and I wanted to share with you some info that I have gathered about setting up constraints. What are Constraints? Constraints are used ... continue reading
Request File Can’t be Located during CA Certificate Renewal
First published on TECHNET on May 29, 2012 During my work with a customer renewing their Issuing CA’s certificate based on the steps documented in this article , I discovered that the Request file generated couldn’t be located in the ... continue reading
Design Considerations before Building a Two Tier PKI Infrastructure
First published on TECHNET on Jun 19, 2010 Environmental Dependencies: 1- Determine if the Active Directory Forest has Windows 2000 Domain Controllers. This is important because of modifications to the CertPublishers group scope, and permissions related to the AdminSDHolder role ... continue reading
Disaster Recovery Procedures for Active Directory Certificate Services (ADCS)
First published on TECHNET on Apr 20, 2010 Introduction: When designing a public key infrastructure (PKI) for your organization, you must develop an effective disaster recovery plan to ensure that, in the event of failure of the computer hosting Certificate ... continue reading
Windows Server 2012 R2/IIS8.5 – Automatic Rebind of Renewed Certificates
First published on TECHNET on Apr 28, 2014 Hello All, This is Wes Hammond with Premier Field Engineering back with follow up to a previous blog about automatic renewal of web site certificates. The original blog can be found in ... continue reading
Constraints: what they are and how they’re used
First published on TECHNET on Mar 05, 2014Hey everyone this is Wes Hammond from Premier Field Engineering and I wanted to share with you some info that I have gathered about setting up constraints.What are Constraints?Constraints are used to restrict ... continue reading
Upgrade Certification Authority to SHA256
First published on TECHNET on Sep 19, 2013A common question in the field is about upgrading a certification authority running on Windows Server 2003 to use Crypto Next Generation (CNG) to support SHA256. CNG was introduced in Windows Server 2008 ... continue reading
Renew Web Server (SSL) Certificates Automatically
First published on TECHNET on Aug 27, 2013Working with Internet Information Services (IIS) certificates can be a bit challenging especially during renewal time. Most organizations do not track Web SSL certificates which in turn might expire and cause an unplanned ... continue reading
Windows Server 2012 Active Directory Certificate Services System State Backup and Restore
First published on TECHNET on Mar 21, 2013Windows Server 2012 System State Backup allows an administrator to back-up several Operating System components including those required for a successful restore of a Certification Authority. Any certification authority backup should include the ... continue reading
Viewing Expired Certificate Revocation List (CRL)
First published on TECHNET on Dec 20, 2012Many customers must perform a regulatory audit annually to comply with industry standards and business trends. Recently I was contacted by one of my customers, who was not able to view all of ... continue reading