Windows Security
  Home arrow Windows Security arrow Page 2 - Implementing a PKI, Part III: Managing Mic...
ASP Free Forums 
.NET  
ASP  
ASP Code  
ASP.NET  
ASP.NET Code  
BrainDump  
C#  
Code Examples  
Database  
Database Code  
IIS  
Microsoft Access  
MS SQL Server  
Visual Basic.NET  
Windows Scripting  
Windows Security  
XML  
ASP Web Hosting  
ASP.NET Web Hosting 
Dedicated Servers 
Actuate Whitepapers 
Moblin 
Windows Web Hosting
 
IBM® developerWorks 
Sun Developer Network 
Weekly Newsletter
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
WINDOWS SECURITY

Implementing a PKI, Part III: Managing Microsoft Certification Services
By: Eliana Stavrou
  • Search For More Articles!
  • Disclaimer
  • Author Terms
    		•
    Rating: 4 stars4 stars4 stars4 stars4 stars / 10
    2005-02-01

    Table of Contents:
  • Implementing a PKI, Part III: Managing Microsoft Certification Services
  • Certification Authority Management
  • Certificate Revocation List (CRL) publication
  • Configure Root CA Certificate Properties
  • Configure CRL’s Distribution Points
  • Configure AIA Distribution Points
    		•

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
    		 
     
    ADVERTISEMENT

    Stay one step ahead of the competition. Evaluate and give feedback on some of the hottest web development tools on the market today. Make your opinion heard! Click Here

    Implementing a PKI, Part III: Managing Microsoft Certification Services - Certification Authority Management
    (Page 2 of 6 )

    You may find the certification management console at:

    Start -> All Programs -> Administrative tools -> Certification Authority

    Through CA’s console you can manage the following procedures:

    1. Pending Requests. When a user requests a certificate, his / her request will be taken to this section. After evaluating the provided authentication information, the administrator will decide on the trustworthiness of the user and whether to issue the digital certificate or not.

      By right–clicking on the request at the Pending Certificates folder on the right pane of the console, you have the option to issue or deny the certificate. Based on the evaluation, you could choose one of the two options.

    2. Issued Certificates. All the digital certificates that are issued by your CA server will appear in this section. If you need to revoke a certificate, select it, right-click on it, select All tasks and then Revoke.

    3. Revoked Certificates. In several cases it may be required to revoke a digital certificate in order to maintain the integrity of your PKI; for example, revocation occurs when an employee leaves the organization or when a user loses his / her private key, or if the private key is compromised. Every time you revoke a certificate, it is added to the CA’s Certificate Revocation List (CRL). I believe that this functionality is vital for maintaining the security achieved through the usage of digital certificates, thus this subject will be discussed in detail in a later section.

    4. Failed Requests. In cases where the provided information was inadequate or the trustworthiness of the client cannot be verified, the administrator rejects the request. If you want to issue the certificate at a later time, right-click on the request, select All tasks and then select Issue.

    On the right pane of the console you may see several attributes such as the request id, revocation date, requester name, binary certificate etc., depending on the option you choose (Pending, Issued, Revoked or Failed).

    The following figure presents a snapshot of the Certification Authority console.

    Implementing a PKI -- CA Functions

    Next: Certificate Revocation List (CRL) publication >>
     

    More Windows Security Articles
    More By Eliana Stavrou


     
    >>> Be the FIRST to comment on this article!

    WINDOWS SECURITY ARTICLES

    - Advanced Data Protection in Windows
    - Basic Data Protection in Windows
    - Windows XP Security
    - Lucky You, Microsoft has Sent You an Email! ...
    - Implementing a PKI, Part III: Managing Micro...
    - Windows 2000 Security
    - A Security Roadmap
    - Implementing a Public Key Infrastructure (PK...
    - Hardening Communications
    - Windows Host Security: Network Security Hacks
    - Hardening Wireless LAN Connections, Part 2
    - Hardening Wireless LAN Connections Part 1
    - Windows Reverse Engineering
    - Microsoft's Latest Security Updates -- The G...
    - Cross Site Scripting (XSS): An Overview
    Find More Windows Security Articles



    © 2003-2008 by Developer Shed. All rights reserved. DS Cluster 6 hosted by Hostway