|
|
microsoft.public.security
Affichage de l'article :
Re: Windows Server 2008 CA
Date :
Le 03 avril 2008
From :
Yahya
Sujet :
Re: Windows Server 2008 CA
I have Installed four virtual machine
Server1 = Domain Controller
Server2 = EnterpriseSubordinate
Server3 = Enterprise Root CA (not instelled web enrollment)
Client1 = Windows XP Professional (SP2)
All servers are Windows Server 2008 Enterprise Editions.
domain name = yahya.local
On Default Domain Policy;
Under Computer Configuration > Policies > Windows Settings > Security
Settings > Publickey Policies
Certtifcate Services Client - Auto - Enrollment (enabled)
Also I imported Root and Intermediate Certifacates to ;
Under Computer Configuration > Policies > Windows Settings > Security
Settings > Publickey Policies > Trusted Root Certification Authorities
Under Computer Configuration > Policies > Windows Settings > Security
Settings > Publickey Policies > Intermediate Certification Authorities
Under Computer Configuration > Policies > Windows Settings > Security
Settings > Publickey Policies > Automatic Certificate Request Settings;
Computer,
Domain Controller,
Enrollment Agent
Under User Configuration > Policies > Windows Settings > Security Settings >
Publickey Policies >
Certtifcate Services Client - Auto - Enrollment (Enabled)
On windows XP ;
If I request certificate using certmgr.msc, I have a warning ;
---------------------------
Certificate Request Wizard
---------------------------
The wizard cannot be started because of one or more of the following
conditions:
- There are no trusted certification authorities (CAs) available.
- You do not have the permissions to request certificates from the
available CAs.
- The available CAs issue certificates for which you do not have
permissions.
---------------------------
OK
---------------------------
On windows Xp,
I opened IE 7.0 and wrote http://server2/certsrv to take a certifcate,
after certificate generated, I have pushed "Install Certficate" but not
installed
I have a error ;
---------------------------
Windows Internet Explorer
---------------------------
Unable to install the certificate:
Error: 0x80091002
---------------------------
OK
---------------------------
If I try to take a certificate using mozilla firefox, it is working
properly, install the certificate.
If i sign a website using windows server 2008 CA , I an not reach using IE
7.0 on windows XP, but mozilla is working.
What Sould I do ?
I I make a mistake, Where?
--
YAHYA YAZICI
MCSE-M , MCSE-S, MCTS, MCT
Morten Bilgi ve Ä°letiÅŸim Hizmetleri Ltd. Åžti
Web: www.btegitim.com
Ofis: +90 212 274 69 98
Fax: +90 212 267 46 25
E-mail: yahya@btegitim.com
"Paul Adare" wrote in message
news:jadvfkzjh8l0.1x8jhnhsan8py$.dlg@40tude.net...
> On Thu, 3 Apr 2008 10:23:48 +0300, Yahya wrote:
>
>> Windows xp does not work with windows server 2008 CA
>
> It actually does.
>
>>
>> I cannot install certificate using certmgr.msc and Auto Enrollment does
>> not
>> work on Windows XP.
>>
>> If I request certificate using certmgr.msc, I have a warning ;
>>
>> ---------------------------
>> Certificate Request Wizard
>> ---------------------------
>> The wizard cannot be started because of one or more of the following
>> conditions:
>> - There are no trusted certification authorities (CAs) available.
>> - You do not have the permissions to request certificates from the
>> available CAs.
>> - The available CAs issue certificates for which you do not have
>> permissions.
>> ---------------------------
>> OK
>> ---------------------------
>
> Is the XP system joined to the domain? Any errors in the event viewer on
> the XP computer?
>
>>
>>
>> IE (6.0 - 7.0) on windows XP can not open SSL certificate signed by
>> windows
>> server 2008 CA but Mozilla firework can.
>
> What does this mean exactly that XP can't open an SSL certificate? Errors?
>
>>
>> Windows Vista is working without any problem.
>>
>> Why does Windows XP work with windows server 2008 CA ?
>> What is the problem ?
>
> There could be tons of reasons you're having these problems but without
> more detail resolving them is going to be a challenge.
>
> --
> Paul Adare
> http://www.identit.ca
> LISP: To call a spade a thpade.
Posez vos questions, réponses et remarques sur
les forums de AuthSecu
|
|