1,921 questions
Trusted domain certificate
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 33%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERG%3C/text%3E%3C/svg%3E)
Raul Guchinife
140
Reputation points
Hello
I have an enterprise certificate authority installed on a domain (DOM1). This domain has a trusted domain (DOM2).
I have configured CEP/CES so that from the trusted domain I can request certificates from the certificate authority of the main domain.
I have generated a computer certificate so that it can be installed on the computers in the trusted domain (Dom2).
The permissions of this certificate that I have configured are:
Dom2\domains computer -> read, enroll
The problem is that when I request the certificate from a domain 2 computer, this certificate does not see it.
However, the user level certificates that are configured do see it.
The user level certificate has the permission:
Dom2\domain user -> read, enroll.
Why doesn't it see the "computer" level certificate?
*Note: The "computer" certificate issued by default by the CA (which has the permission authenticated users -> read, enroll ) does see it. Authenticated users I understand that it will be for all the users/equipment of the domain and the trusted domain and I only want it for the trusted domain.
Windows for business | Windows Server | Devices and deployment | Set up, install, or upgrade
Windows for business | Windows Server | User experience | Other
20,212 questions
Windows for business | Windows Server | Devices and deployment | Configure application groups
Sign in to answer