Implementing a PKI, Part III: Managing Microsoft Certification Services
(Page 1 of 6 )
In our third and final article about implementing a public key infrastructure, Eliana Stavrou explains the importance of managing certification services, and how to do it correctly. Will the administration procedures you have in place work -- or will they lead to security risks that you won't know about until it's too late? Read on to find out.
Introduction
By now you should have implemented your own Certification Authority (CA) discussed in part I of this article, and configured your Internet Information Server (IIS) and client Web browsers discussed in part II of this article.
Beyond the implementation of the CA server, I feel that it is equally important to provide information regarding the management of the certification services. Without the proper management you create a leaky bucket; you may have developed a PKI infrastructure and think that you are secure, but without the proper administration of procedures you may end up with a bucket leaking security under your nose.
Web Interface
Clients communicate with the Certification Authority server using their Web browser. Recall that you may use the Web interface of Microsoft’s Certification Services in order to:
- Request a digital certificate
- View the status of a pending certificate request, or
- Download a CA certificate or a Certificate Revocation List (CRL)
Next: Certification Authority Management >>
More Windows Security Articles
More By Eliana Stavrou
/ 12 
