|
Posted by Steven L Umbach on June 29, 2006, 11:56 pm
If you were Registered and logged in, you could reply and use other advanced thread options
the certificate templates so that only the CA you want is issuing
certificates to the computers/users that need the new issued by field. You
can configure which certificate templates a CA will issue in the Certificate
Authority Management Console mmc snapin and selecting which CA to
manage. --- Steve
> Thank you, that helps very much. I think I'll try creating a subordinate.
>
> "Steven L Umbach" wrote:
>
>> You can't change issued certificates and you can't rename a Certificate
>> Authority. You can create a new Certificate Authority with the name you
>> need. You can run into problems with "old" certificates if the
>> computers/applicaions no longer trusts the CA that issued them and when
>> Certificate Revocation Lists are no longer available. Creating a new CA
>> that
>> is a subordinate CA to an existing CA with the name you want would be a
>> relatively safe way to go if that could be a possibility. --- Steve
>>
>>
>> ttp://www.microsoft.com/windowsserver2003/technologies/pki/default.mspx
>> ---
>> Public Key Infrastructure for Windows Server 2003
>>
>>
>> >I need to rename the certificate root, the "issued by" field on the
>> > certificate. Is this possible with Windows 2000, or Win2k3? If so,
>> > would
>> > the certificates previously issued by that CA be invalidated?
>> >
>> > Thank you,
>> >
>> > Bill
>> >
>>
>>
>>
| 
XML site map