|
Posted by Kristin Griffin on February 13, 2008, 5:16 pm
Please log in for more thread options Brian,
I kept messing with it, and I think it is actually working all right. But
the installation telling me that it sucessfully installed a certificate when
it really does not , threw me. It looks like it is only installing
certificates that it can place in the user store. I requested an IPSEC
certificate, which the web enrollment let me do, and I could not get the web
site to actually place this in any store folder. I could do it manually,
but when it came to actually using that certificate, it would not work.
Most likely because the subject needed to be a computer name, and since I
enrolled it using the website, the subject name was a user name instead. So
then why is the IPSEC option even available?
Here is my latest question then.
What exactly can I DO with each of the certificate choices i get under the
advanced option of web enrollment? Lets say I am logged in as "SomeUser".
The choices of certificates are:
Client Authentication
Email Protection - I get this one.
Server Authentication - isnt this a machine cert? so why would I have this
option when my subject would not be a server name?
Code Signing - can this be successfully gotten via web enrollment?
Time Stamp - what is this cert for? again, can it be requested successfully
via web enrollment?
IPSec - this didnt work for a computer (naturally), so is there a purpose I
CAN use it for if I get it via web enrollment with the sunject being a
username, not a computer name?
OtTher -
Many thanks,
Kristin
> The request is always done in the security context of the user, so you
> cannot request typical machine certificates from the Web enrollment pages.
> The only type that you can request are ones where the user supplies the
> subject in the request.
> Brian
>
>> Can the web enrollment feature be used to enroll for only user
>> certificates? It looks like you can get a server certificate as the
>> "type" drop down box lists: Server Authentication Certificate.
>>
>> Can anyone define the limitations of the Web Enrollment feature as
>> pertains to what inds of certificates you can actaully request and get
>> successfully?
>>
>> Thanks!
>>
>> Kristin
>>
>
| 
XML Sitemap