Results 1 to 3 of 3

Thread: Convert Enterprise Root CA to Standalone Root CA and create newSubordinate CAs

  1. #1
    Join Date
    Oct 2005
    Posts
    48

    Convert Enterprise Root CA to Standalone Root CA and create newSubordinate CAs

    I have a very simple 30 user setup. Along with this there is a Exchange server also. There is only on Active Directory setup. The root CA is the one which issue the certificates. The workstations certs are configured on autoenrollment. I know that it i will be better to have subordinate CA for every remote place to issue cert. What I want to know that after configuring this, what can be effect on current workstations which are already having a CA. I just want to know the different of setup that I am planing. All the computer might get the cert from root only, but some of them which lies on the remote place will be using subordinate CA. But that too rely on the root. So I hope there will be no security compromised.

  2. #2
    Join Date
    Sep 2004
    Posts
    142
    The cert basically depends on the certificate template used or published at enterprise CA. You can try to remove all templates using certification authority console and see that there is nothing left. Just keep the SubCA template as it is. The enterprise root CA is helpful as there is no need to manually publish the cert. The entire process goes automatic.

  3. #3
    Join Date
    Mar 2009
    Posts
    1

    Re: Convert Enterprise Root CA to Standalone Root CA and create newSubordinate CAs

    Hello Chris

    I am stuck with the same issue, I am trying to find out if i have a client computer auto enrolled and received a certificate from a root CA and now if i am planning to create a new Root CA in my environment will the computer get another certificate using auto enrollment and use the latest certificate. Also when i look in the web enrollment I dont see a computer template, though it exists in you certificate templates what is the procedure to add your templates to show up in web enrollment??. I was browsing thorough many forums regarding this issue and you where the only one i could find who has run in to the same issue, that would be great if you reply back with the solution you had for this issue.
    Thanks in advance!!
    Sandeep.

Similar Threads

  1. Standalone vs Enterprise root CA security.
    By rasena in forum Windows Security
    Replies: 1
    Last Post: 12-07-2012, 03:25 AM
  2. Install second Enterprise Root CA and remove old one?
    By plutoz in forum Windows Security
    Replies: 1
    Last Post: 21-09-2011, 02:47 AM
  3. Moving a DFS standalone root from 2003 to 2008R2
    By hightide in forum Windows Server Help
    Replies: 1
    Last Post: 30-04-2011, 01:49 AM
  4. 0x424 (WIN32: 1060) in Enterprise Root CA
    By wimmer in forum Windows Security
    Replies: 4
    Last Post: 22-08-2007, 03:08 PM
  5. Enterprise Root Certification Authority not trusted
    By Donald in forum Windows Security
    Replies: 3
    Last Post: 20-02-2006, 03:54 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,664,681.60210 seconds with 17 queries