Is it possible to create multiple Certificate Authorities in Windows Server 2012? Specifically: I'd like to create a standalone root CA which will have its private key in offline secure storage. The main issuing (Enterprise) CA should have a certificate signed by the root CA.
Is this possible with just 1 Windows Server 2012 installation or do you really need to create multiple VMs with one CA each?
You can only have one AD CS certificate server at a time on a single instance of Windows Server OS.
Edit: Also if you want to get serious about the physical security of the root CA, don't make it a VM. A VM can be booted up from the VM management console and then compromised. Make it a physical machine, use it to set up your policy CAs and issuing CAs, then pull the Ethernet cable out of the root CA machine and power it off. (Which you can't really do with an enterprise (AD-integrated) CA, but that's a whole different topic.)
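The two-machine layout described above (a standalone offline root signing an enterprise issuing CA), sketched as an added example that is not part of the original answer. Host names, CA names, file paths and the request ID are hypothetical placeholders, and each part runs on a different Windows Server instance.

```powershell
# Added illustration. All names, paths and the request ID are placeholders.

# --- Part 1: on the root machine (workgroup member, never domain-joined) ---
Install-WindowsFeature ADCS-Cert-Authority -IncludeManagementTools
Install-AdcsCertificationAuthority -CAType StandaloneRootCA `
    -CACommonName 'Example Offline Root CA' `
    -KeyLength 4096 -HashAlgorithmName SHA256 `
    -ValidityPeriod Years -ValidityPeriodUnits 20 -Force

# --- Part 2: on the domain-joined issuing server ---
Install-WindowsFeature ADCS-Cert-Authority -IncludeManagementTools
Install-AdcsCertificationAuthority -CAType EnterpriseSubordinateCA `
    -CACommonName 'Example Issuing CA' `
    -KeyLength 2048 -HashAlgorithmName SHA256 `
    -OutputCertRequestFile 'C:\transfer\issuing-ca.req' -Force
# The CA service stays stopped until the signed certificate is installed.

# --- Part 3: back on the root; move issuing-ca.req over on removable media ---
$rootConfig = 'ROOTCA01\Example Offline Root CA'   # placeholder host\CA name
certreq -submit -config $rootConfig 'C:\transfer\issuing-ca.req'
# A standalone CA leaves the request pending; read the RequestId it prints.
$requestId = 2                                     # placeholder value
certutil -resubmit $requestId                      # issue the pending request
certreq -retrieve -config $rootConfig $requestId 'C:\transfer\issuing-ca.crt'
certutil -crl                                      # publish a fresh root CRL
# Copy the root certificate and CRL from
# C:\Windows\System32\CertSrv\CertEnroll to the removable media as well.

# --- Part 4: on the issuing server ---
# Trust the root first (publishing to AD requires Enterprise Admin rights).
certutil -dspublish -f 'C:\transfer\root-ca.crt' RootCA
certutil -addstore -f Root 'C:\transfer\root-ca.crt'
# The root CRL must be reachable at the CDP locations named in the issued
# certificate, otherwise the CA service fails its revocation check on start.
certutil -installcert 'C:\transfer\issuing-ca.crt'
Start-Service certsvc
```

Once Part 4 succeeds and the root CRL has been published where clients can fetch it, the root machine can be disconnected and powered off until the next CRL or subordinate certificate renewal.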