Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
News and information for public key infrastructure (PKI) and Active Directory Certificate Services (AD CS) professionals
CA manager approval required for certificate re-enrollment
Hi there, this is Larry, Developer from US, and Fabian, PFE from Germany, writing about an uncommon...
Author: Fabian Müller [MSFT] Date: 03/08/2011
Quick Check on ADCS Health Using Enterprise PKI Tool (PKIVIEW)
PKIVIEW was first introduced in Windows Server 2003 Resource kit. The tool is installed by default...
Author: Amerk [MSFT] Date: 02/28/2011
Verifying The SSL Certificate Expiration with a tool
An active member of our community developed a very handy tool to verify - or let's actually say...
Author: MS2065 [MSFT] Date: 02/21/2011
Common Questions about SHA2 and Windows
Since my last post about SHA2 and Windows I’ve received numerous questions from customers and...
Author: Adam Stasiniewicz Date: 02/08/2011
SHA2 and Windows
UPDATE (2/8): Based on some recent questions, additional information has been posted about SHA2 and...
Author: MS2065 [MSFT] Date: 09/30/2010
Active Directory Certificate Services Monitoring Management Pack
A new version of the Certificate Services Monitoring Management Pack became available. Get more...
Author: MS2065 [MSFT] Date: 08/16/2010
Microsoft Certificate Server virtualization policy
If you are unsure regarding the Microsoft Certificate server virtualization policy, just see the...
Author: MS2065 [MSFT] Date: 08/09/2010
Backing up Windows Server 2008 ADCS CA Keys
[EDIT 2/20/2012] This problem has recently been resovled in a hotfix update. System state backup...
Author: markbcooper Date: 08/06/2010
Firewall Rules for Active Directory Certificate Services
Below is a list of ports that need to be opened on Active Directory Certificate Services servers to...
Author: oshekel Date: 06/25/2010
Design Considerations before Building a Two Tier PKI Infrastructure
Environmental Dependencies: 1- Determine if the Active Directory Forest has Windows 2000 Domain...
Author: Amerk [MSFT] Date: 06/19/2010
Certificate Path Validation in Bridge CA and Cross-Certification Environments
Recently, we’ve had a deluge of questions regarding chain building and selection, especially in the...
Author: siadukia Date: 05/12/2010
Powershell CRL Copy
This script writes a Certification Authority's Certificate Revocation List to HTTP based CRL...
Author: MS2065 [MSFT] Date: 05/12/2010
How to Request a Certificate With a Custom Subject Alternative Name
Today many servers require some sort of SSL certificate to be deployed and in many cases custom...
Author: Alex Radutskiy [MSFT] Date: 04/22/2010
Disaster Recovery Procedures for Active Directory Certificate Services (ADCS)
Introduction: When designing a public key infrastructure (PKI) for your organization, you must...
Author: Amerk [MSFT] Date: 04/20/2010
Windows Server 2008 R2 AD CS Migration Guide
The official version of the new 2008 R2 ADCS Migration Guide is now available at...
Author: ltalbot Date: 03/19/2010
What CA types are supported for clustering?
There are two types of certification authorities: Standalone and Enterprise. Only Enterprise...
Author: MS2065 [MSFT] Date: 03/08/2010
Whitepaper “HSPD-12 Logical Access Authentication and Active Directory Domains”
This document explains the interdependencies between Active Directory Domain Services (AD DS) and...
Author: MS2065 [MSFT] Date: 02/10/2010
Windows CA Performance Numbers
Below are some numbers we have measured when testing the Windows CA in our lab environment. Note...
Author: oshekel Date: 01/11/2010
Clustered Certification Authority maintenance tasks
The colleagues from the AskDS blog posted a quite valuable article about Clustered CA maintenance...
Author: MS2065 [MSFT] Date: 01/10/2010
Server 2008 R2 ADCS Migration Guide Beta
The beta version of the new 2008 R2 ADCS Migration Guide is now available at...
Author: ltalbot Date: 12/21/2009
AD Schema Requirements for Windows PKI features
There have been a number of questions about Active Directory (AD) schema requirements for the...
Author: Alex Radutskiy [MSFT] Date: 12/04/2009
How Certificates Are Created
The following text is a simple copy/paste from the TechNet article How Certificates Work (section...
Author: MS2065 [MSFT] Date: 11/09/2009
Certificate Revocation Checking Whitepaper
A whitepaper on Certificate Revocation Checking in Windows Vista and Windows Server 2008 has been...
Author: Yogesh Mehta Date: 11/07/2009
Certificate Validation on Windows XP with Entrust SSP Issued HSPD-12 Certificates
On May 9th, 2009 Entrust Managed Services (provider of HSPD-12 certificates) performed a key update...
Author: oshekel Date: 10/22/2009
BranchCache Deployment Guide for Windows Server 2008 R2 and Windows 7
A new deployment guide was published on Windows7 BranchCache. It covers the PKI requirements for...
Author: oshekel Date: 10/06/2009
Introducing Certificate Template API
WARNING: USE OF THE SAMPLE CODE PROVIDED IN THIS ARTICLE IS AT YOUR OWN RISK. Microsoft provides...
Author: Alex Radutskiy [MSFT] Date: 09/25/2009
Using VBScript to install CA on WS2008R2 server core
In my previous post I provided a script used for setup and installation of a CA using VBScript. The...
Author: shawncor Date: 09/18/2009
Automated CA installs using VB script on Windows Server 2008 and 2008R2 [UPDATED]
Starting with Windows Server 2008 the CA product team introduced a set of COM objects that can be...
Author: shawncor Date: 09/18/2009
Official Microsoft Team Blogs / Microsoft Blogs
If you are interested in reading more official Microsoft Team blogs, see...
Author: MS2065 [MSFT] Date: 09/15/2009
Certificate Enrollment Web Services Whitepaper
The Windows Server 2008 R2 Certificate Enrollment Web Services Whitepaper has been posted to the...
Author: JField Date: 09/14/2009
How to get request statistics by template in PowerShell
I’ve been working with our support folks helping one of our customers. One of the things we wanted...
Author: Alex Radutskiy [MSFT] Date: 09/09/2009
Active Directory Certificate Services Features by SKU
We’ve had many requests for what services and features are available in what Windows Server...
Author: JField Date: 09/02/2009
Vishal’s nuggets
Subscribe to Vishal’s blog at https://blogs.technet.com/vishalagarwal/ for real good certificate and...
Author: MS2065 [MSFT] Date: 08/28/2009
Cross-forest certificate enrollment white paper update
We’ve just updated the Beta version of the cross-forest certificate enrollment white paper. In...
Author: Alex Radutskiy [MSFT] Date: 08/24/2009
Creating self-signed certificates with a script
Here is a great post by one of my colleagues on how to create a self-signed certificate using...
Author: Alex Radutskiy [MSFT] Date: 08/23/2009
Populate Subject Name for Offline Templates on Renew
Offline templates are certificate templates that require the subject name to be part of the...
Author: andrew.bernat Date: 08/21/2009
Updated Network Device Enrollment Service (aka SCEP) white paper
I have just updated this paper. Here is the latest draft:...
Author: Alex Radutskiy [MSFT] Date: 08/17/2009
Extended Validation support for websites using internal certificates
The Active Directory team has published a new blog post how to configure Extended Validation support...
Author: MS2065 [MSFT] Date: 08/14/2009
CA Performace testing
One of our collegues posted an interesting blog entry on CA scalability testing:...
Author: Alex Radutskiy [MSFT] Date: 08/12/2009
AD CS Installation is Crashing on x64 Platform
The following problem affects a Certification authority running on the 64-bit edition of Windows...
Author: dedsMilan Date: 08/09/2009
Understanding Key Archival
It came to my attention that there is little understanding regarding the relationship between...
Author: MS2065 [MSFT] Date: 08/07/2009
How to create a web server SSL certificate manually
The Internet Information Server (IIS) and Microsoft Internet Security and Acceleration (ISA) provide...
Author: MS2065 [MSFT] Date: 08/05/2009
Morello on PKI
I came across two valuable blog posts from my co-worker Morello. The articles have been posted to...
Author: MS2065 [MSFT] Date: 07/26/2009
What is a strong key protection in Windows?
Strong key protection is one of the most misunderstood features in Windows security. In this post I...
Author: Alex Radutskiy [MSFT] Date: 06/16/2009
PKI Enhancements in Windows 7 and Windows Server 2008 R2
The TechNet Magazine released a new article about the PKI Enhancements in Windows 7 and Windows...
Author: MS2065 [MSFT] Date: 06/11/2009
CA performance
Back in the year 2003 we have published information about the CA performance and how it is impacted...
Author: MS2065 [MSFT] Date: 05/14/2009
PKI at TechEd 2009 in LA
Attending TechEd 2009 next week? If you or your customers are around on Monday 5/11, I (objectively)...
Author: cmaca Date: 05/06/2009
How to configure the Windows Server 2008 CA Web Enrollment Proxy
A co-worker posted an interesting blog about configuring the Windows Server 2008 CA Web Enrollment...
Author: MS2065 [MSFT] Date: 04/23/2009
Suite B PKI in Windows Server 2008 and Windows Server 2008R2
I'm happy to announce the availability of the Suite B PKI in Windows Server 2008 whitepaper. The...
Author: ltalbot Date: 04/15/2009
Certificate distribution and the Microsoft Terminal Services Client
A few days ago I worked in a test environment that also consists of a PKI. I used the Microsoft...
Author: MS2065 [MSFT] Date: 02/09/2009