PKI For Network Engineers (6/?): Web certificate Enrollment

Finally!  After all the work we’ve done, we get down to the business of actually issuing a certificate to a router.  We set up the web enrollment service, configure a template, and enroll a router.

At the very end I also point out a few things about the issued certificate.  With all the work we’ve done to this point, it’s cool to see it all being put to use. I didn’t go in to a lot of detail because I wanted to keep it short, but I think it’s really worthwhile to study the certificates you issue from your lab pki and learn what the different fields are and what they are used for, and how they relate to the configuration of your pki.

Here are snippets of the different commands I used on the router in the video.


In the next installment we’ll look at network device Enrollment service, which is Microsoft’s implementation of SCEP.

Thanks for watching and I hope you find this helpful.


Leave a Reply