Share via


Windows PKI blog

News and information for public key infrastructure (PKI) and Active Directory Certificate Services (AD CS) professionals

CA manager approval required for certificate re-enrollment

Hi there, this is Larry, Developer from US, and Fabian, PFE from Germany, writing about an uncommon...

Author: Fabian Müller [MSFT] Date: 03/08/2011

Quick Check on ADCS Health Using Enterprise PKI Tool (PKIVIEW)

PKIVIEW was first introduced in Windows Server 2003 Resource kit. The tool is installed by default...

Author: Amerk [MSFT] Date: 02/28/2011

Verifying The SSL Certificate Expiration with a tool

An active member of our community developed a very handy tool to verify - or let's actually say...

Author: MS2065 [MSFT] Date: 02/21/2011

Common Questions about SHA2 and Windows

Since my last post about SHA2 and Windows I’ve received numerous questions from customers and...

Author: Adam Stasiniewicz Date: 02/08/2011

SHA2 and Windows

UPDATE (2/8): Based on some recent questions, additional information has been posted about SHA2 and...

Author: MS2065 [MSFT] Date: 09/30/2010

Active Directory Certificate Services Monitoring Management Pack

A new version of the Certificate Services Monitoring Management Pack became available. Get more...

Author: MS2065 [MSFT] Date: 08/16/2010

Microsoft Certificate Server virtualization policy

If you are unsure regarding the Microsoft Certificate server virtualization policy, just see the...

Author: MS2065 [MSFT] Date: 08/09/2010

Backing up Windows Server 2008 ADCS CA Keys

[EDIT 2/20/2012] This problem has recently been resovled in a hotfix update. System state backup...

Author: markbcooper Date: 08/06/2010

Firewall Rules for Active Directory Certificate Services

Below is a list of ports that need to be opened on Active Directory Certificate Services servers to...

Author: oshekel Date: 06/25/2010

Design Considerations before Building a Two Tier PKI Infrastructure

Environmental Dependencies: 1- Determine if the Active Directory Forest has Windows 2000 Domain...

Author: Amerk [MSFT] Date: 06/19/2010

Certificate Path Validation in Bridge CA and Cross-Certification Environments

Recently, we’ve had a deluge of questions regarding chain building and selection, especially in the...

Author: siadukia Date: 05/12/2010

Powershell CRL Copy

This script writes a Certification Authority's Certificate Revocation List to HTTP based CRL...

Author: MS2065 [MSFT] Date: 05/12/2010

How to Request a Certificate With a Custom Subject Alternative Name

Today many servers require some sort of SSL certificate to be deployed and in many cases custom...

Author: Alex Radutskiy [MSFT] Date: 04/22/2010

Disaster Recovery Procedures for Active Directory Certificate Services (ADCS)

Introduction: When designing a public key infrastructure (PKI) for your organization, you must...

Author: Amerk [MSFT] Date: 04/20/2010

Windows Server 2008 R2 AD CS Migration Guide

The official version of the new 2008 R2 ADCS Migration Guide is now available at...

Author: ltalbot Date: 03/19/2010

What CA types are supported for clustering?

There are two types of certification authorities: Standalone and Enterprise. Only Enterprise...

Author: MS2065 [MSFT] Date: 03/08/2010

Whitepaper “HSPD-12 Logical Access Authentication and Active Directory Domains”

This document explains the interdependencies between Active Directory Domain Services (AD DS) and...

Author: MS2065 [MSFT] Date: 02/10/2010

Windows CA Performance Numbers

Below are some numbers we have measured when testing the Windows CA in our lab environment. Note...

Author: oshekel Date: 01/11/2010

Clustered Certification Authority maintenance tasks

The colleagues from the AskDS blog posted a quite valuable article about Clustered CA maintenance...

Author: MS2065 [MSFT] Date: 01/10/2010

Server 2008 R2 ADCS Migration Guide Beta

The beta version of the new 2008 R2 ADCS Migration Guide is now available at...

Author: ltalbot Date: 12/21/2009

AD Schema Requirements for Windows PKI features

There have been a number of questions about Active Directory (AD) schema requirements for the...

Author: Alex Radutskiy [MSFT] Date: 12/04/2009

How Certificates Are Created

The following text is a simple copy/paste from the TechNet article How Certificates Work (section...

Author: MS2065 [MSFT] Date: 11/09/2009

Certificate Revocation Checking Whitepaper

A whitepaper on Certificate Revocation Checking in Windows Vista and Windows Server 2008 has been...

Author: Yogesh Mehta Date: 11/07/2009

Certificate Validation on Windows XP with Entrust SSP Issued HSPD-12 Certificates

On May 9th, 2009 Entrust Managed Services (provider of HSPD-12 certificates) performed a key update...

Author: oshekel Date: 10/22/2009

BranchCache Deployment Guide for Windows Server 2008 R2 and Windows 7

A new deployment guide was published on Windows7 BranchCache. It covers the PKI requirements for...

Author: oshekel Date: 10/06/2009

Introducing Certificate Template API

WARNING: USE OF THE SAMPLE CODE PROVIDED IN THIS ARTICLE IS AT YOUR OWN RISK. Microsoft provides...

Author: Alex Radutskiy [MSFT] Date: 09/25/2009

Using VBScript to install CA on WS2008R2 server core

In my previous post I provided a script used for setup and installation of a CA using VBScript. The...

Author: shawncor Date: 09/18/2009

Automated CA installs using VB script on Windows Server 2008 and 2008R2 [UPDATED]

Starting with Windows Server 2008 the CA product team introduced a set of COM objects that can be...

Author: shawncor Date: 09/18/2009

Official Microsoft Team Blogs / Microsoft Blogs

If you are interested in reading more official Microsoft Team blogs, see...

Author: MS2065 [MSFT] Date: 09/15/2009

Certificate Enrollment Web Services Whitepaper

The Windows Server 2008 R2 Certificate Enrollment Web Services Whitepaper has been posted to the...

Author: JField Date: 09/14/2009

How to get request statistics by template in PowerShell

I’ve been working with our support folks helping one of our customers. One of the things we wanted...

Author: Alex Radutskiy [MSFT] Date: 09/09/2009

Active Directory Certificate Services Features by SKU

We’ve had many requests for what services and features are available in what Windows Server...

Author: JField Date: 09/02/2009

Vishal’s nuggets

Subscribe to Vishal’s blog at https://blogs.technet.com/vishalagarwal/ for real good certificate and...

Author: MS2065 [MSFT] Date: 08/28/2009

Cross-forest certificate enrollment white paper update

We’ve just updated the Beta version of the cross-forest certificate enrollment white paper. In...

Author: Alex Radutskiy [MSFT] Date: 08/24/2009

Creating self-signed certificates with a script

Here is a great post by one of my colleagues on how to create a self-signed certificate using...

Author: Alex Radutskiy [MSFT] Date: 08/23/2009

Populate Subject Name for Offline Templates on Renew

Offline templates are certificate templates that require the subject name to be part of the...

Author: andrew.bernat Date: 08/21/2009

Updated Network Device Enrollment Service (aka SCEP) white paper

I have just updated this paper. Here is the latest draft:...

Author: Alex Radutskiy [MSFT] Date: 08/17/2009

Extended Validation support for websites using internal certificates

The Active Directory team has published a new blog post how to configure Extended Validation support...

Author: MS2065 [MSFT] Date: 08/14/2009

CA Performace testing

One of our collegues posted an interesting blog entry on CA scalability testing:...

Author: Alex Radutskiy [MSFT] Date: 08/12/2009

AD CS Installation is Crashing on x64 Platform

The following problem affects a Certification authority running on the 64-bit edition of Windows...

Author: dedsMilan Date: 08/09/2009

Understanding Key Archival

It came to my attention that there is little understanding regarding the relationship between...

Author: MS2065 [MSFT] Date: 08/07/2009

How to create a web server SSL certificate manually

The Internet Information Server (IIS) and Microsoft Internet Security and Acceleration (ISA) provide...

Author: MS2065 [MSFT] Date: 08/05/2009

Morello on PKI

I came across two valuable blog posts from my co-worker Morello. The articles have been posted to...

Author: MS2065 [MSFT] Date: 07/26/2009

What is a strong key protection in Windows?

Strong key protection is one of the most misunderstood features in Windows security. In this post I...

Author: Alex Radutskiy [MSFT] Date: 06/16/2009

PKI Enhancements in Windows 7 and Windows Server 2008 R2

The TechNet Magazine released a new article about the PKI Enhancements in Windows 7 and Windows...

Author: MS2065 [MSFT] Date: 06/11/2009

CA performance

Back in the year 2003 we have published information about the CA performance and how it is impacted...

Author: MS2065 [MSFT] Date: 05/14/2009

PKI at TechEd 2009 in LA

Attending TechEd 2009 next week? If you or your customers are around on Monday 5/11, I (objectively)...

Author: cmaca Date: 05/06/2009

How to configure the Windows Server 2008 CA Web Enrollment Proxy

A co-worker posted an interesting blog about configuring the Windows Server 2008 CA Web Enrollment...

Author: MS2065 [MSFT] Date: 04/23/2009

Suite B PKI in Windows Server 2008 and Windows Server 2008R2

I'm happy to announce the availability of the Suite B PKI in Windows Server 2008 whitepaper. The...

Author: ltalbot Date: 04/15/2009

Certificate distribution and the Microsoft Terminal Services Client

A few days ago I worked in a test environment that also consists of a PKI. I used the Microsoft...

Author: MS2065 [MSFT] Date: 02/09/2009

<Previous Next>