Select Page
What is a strong key protection in Windows?

What is a strong key protection in Windows?

First published on TECHNET on Jun 16, 2009 Strong key protection is one of the most misunderstood features in Windows security. In this post I will attempt to demystify it. I will also try to address some of the misconceptions ... continue reading
Populate Subject Name for Offline Templates on Renew

Populate Subject Name for Offline Templates on Renew

First published on TECHNET on Aug 21, 2009 Offline templates are certificate templates that require the subject name to be part of the certificate request. The certificate authority will use the subject name supplied in the request as the subject ... continue reading

Active Directory Certificate Services Features by SKU

First published on TECHNET on Sep 02, 2009 We’ve had many requests for what services and features are available in what Windows Server version and SKU. The TechNet Wiki article Active Directory Certificate Services Overview has this information under Features ... continue reading

Automated CA installs using VB script on Windows Server 2008 and 2008R2 [UPDATED]

First published on TECHNET on Sep 18, 2009 Starting with Windows Server 2008 the CA product team introduced a set of COM objects that can be used to control the installation of CAs. Using VBScript you can quickly automate the ... continue reading

Using VBScript to install CA on WS2008R2 server core

First published on TECHNET on Sep 18, 2009 In my previous post I provided a script used for setup and installation of a CA using VBScript. The same script is capable of installing a CA on server core, where there ... continue reading

Introducing Certificate Template API

First published on TECHNET on Sep 25, 2009 WARNING: USE OF THE SAMPLE CODE PROVIDED IN THIS ARTICLE IS AT YOUR OWN RISK. Microsoft provides this sample code "as is" without warranty of any kind, either express or implied, including ... continue reading

BranchCache Deployment Guide for Windows Server 2008 R2 and Windows 7

First published on TECHNET on Oct 06, 2009 A new deployment guide was published on Windows7 BranchCache. It covers the PKI requirements for this feature along with other deployment procedures. The full guide can be found here: BranchCache Deployment Guide ... continue reading

Certificate Validation on Windows XP with Entrust SSP Issued HSPD-12 Certificates

First published on TECHNET on Oct 22, 2009 On May 9th, 2009 Entrust Managed Services (provider of HSPD-12 certificates) performed a key update ceremony on the Entrust Managed Services Root and SSP certification authorities. HSPD-12 certificates issued after May 9th, ... continue reading

Server 2008 R2 ADCS Migration Guide Beta

First published on TECHNET on Dec 21, 2009 The beta version of the new 2008 R2 ADCS Migration Guide is now available at http://technet.microsoft.com/en-us/library/ee126140(WS.10).aspx . The guide describes the necessary steps for a successful migration of enterprise or standalone CAs ... continue reading

Windows CA Performance Numbers

First published on TECHNET on Jan 11, 2010 Below are some numbers we have measured when testing the Windows CA in our lab environment. Note that the numbers will change and depends on many factors (network topology, request types, other ... continue reading