Greetings Fellow Geeks!
In this post, we’re going to set up our enterprise issuing CA for RSA based certificates.
The workflow is pretty straightforward. The steps are:
- publish root Cert to AD
- add root cert and crl to local store
- install services
- configure CDP and AIA extensions
- run scripts
- copy enterprise cert to web server and rename
- publish CRL and Delta CRL
Here are text snippets to help out if you would like to follow long and build your own issuing CA while watching the video:
The video came out a little bit long due to some troubleshooting at the end, but I think it showed a couple of helpful things about checking the details of your certificates and fixing mistakes. Let me know if you think this is too long and I’ll make a shorter version.