[SASAG] What is process for installing cert on win2003 domain controller

Ski Kacoroski kacoroski at gmail.com
Sat Mar 29 22:01:21 PDT 2008 

Thanks to all the people with ideas...

To Jeff:

I have tried out our wild card cert but it only works for *.nsd.org and
does not seem to work for *.domain.nsd.org.

To Eric:
I really do not want to purchase another third party cert, but I could
use a CA-Cert and will try that on Monday.  Thanks for jiggering my
thoughts on this.

To Kate & Scott:
I have tried 6 ways to Sunday to get the CA in domainA to sign a
request from the DC in domainB with absolutely no luck.  I actually
have 3 domains and noticed that our previous windows admin created CA's
in domainA and domainC.  I can access their DC's via ldap with no
problems as they have valid certs, but the one in DC in domainB does
not have a cert which is breaking things now and why I am in this fix.

cheers,

ski

On Sat, 29 Mar 2008 13:34:38 -0800 "Jeff Silverman"
<jeffsilverm at gmail.com> wrote:
> Ski,
> 
> I am not a windows guy so I can't tell you how to install a cert under
> Windows.  You can install a wild card cert for all of your third and
> lower domains.  So for example, you can install a cert for *.blah.com
> but not *.com as that would defeat the whole point of a cert.
> 
> I hope this is helpful
> 
> 
> Jeff
> 
> 
> On Fri, Mar 28, 2008 at 1:43 PM, Ski Kacoroski <kacoroski at gmail.com>
> wrote:
> 
> > I have been wading through MS docs all day with no luck.  My
> > problem is that my MS certificate authority is in a different
> > domain from the domain controller that needs the certificate so I
> > keep getting errors. I am assuming that I do not need a certificate
> > authority for every single domain I create (perhaps that is
> > incorrect).
> >
> > Thanks for your help.
> >
> > ski
> >
> > --
> > "When we try to pick out anything by itself, we find it
> >  connected to the entire universe"            John Muir
> >
> > Chris "Ski" Kacoroski, kacoroski at gmail.com, 206-501-9803
> > or ski98033 on most IM services and gizmo
> > _______________________________________________
> > Members mailing list
> > Members at lists.sasag.org
> > http://lists.sasag.org/mailman/listinfo/members
> >
> 
> 
> 


-- 
"When we try to pick out anything by itself, we find it
 connected to the entire universe"            John Muir

Chris "Ski" Kacoroski, kacoroski at gmail.com, 206-501-9803
or ski98033 on most IM services and gizmo

More information about the Members mailing list