|
Posted by Brian Komar [MVP] on February 16, 2007, 4:33 pm
Please log in for more thread options
Mshepherd00@gmail.com says...
> is it possible to have more then one CA signing certificate on one
> enterprise CA?
>
> Or how to achieve this: to have two separate groups of computers using
> IPSec where one group enrolls automatically, the other manually or
> with approval. This should allow for restrictive and less restrictive
> IPSec filter rule sets on a server.
>
> ms
>
>
An MS CA can only have a single signing certificate. You can accomplish
what you are after by designing two certificate templates. One could be
deployed to a speicific security group using autoenrollment. The second
could require CA manager approval
Brian
| 
XML Sitemap