|
Posted by Brian Komar on August 12, 2007, 10:19 am
If you were Registered and logged in, you could reply and use other advanced thread options
Look at the Best Practices whitepaper available at www.microsoft.com/pki.
You need to designate your root CA as a trusted root for all clients. I
assume that client's are connecting from their home computers, etc. In this
case, you should have used a certificate that chained to a commercial root
CA.
The best purpose for internal CAs is for WEb sites that are *only* connected
to by internally managed clients.
Brian
> Hi,
> I have just installed windows certificate service and selected an
> enterprisse root ca. I then issued a certificate to the default website
> for enabling OWA over HTTPS. All seemed OK, but when users connect to the
> OWA site the certificate cannot be installed into the trusted root CA.
> When viewing the certificate, it says "This certificate cannot be verified
> up to a trusted certificate authority". Is this normal for windows CA? or
> there is something wrong in installing the CA and creating the
> certificate?
>
> Thanks in advance,
>
| 
XML site map