Announcement

Collapse
No announcement yet.

Installing Certificate Authority - Best Practice?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Installing Certificate Authority - Best Practice?

    Hi,

    It has been brought to my teams attention that we suddenly need to install CA for a new application that is going live.

    None of us have much experience with CA, but are currently having a debate on how we should go forward.

    Is there a best practice for where the CA service should be installed?

    I am suggesting either its own member server specifically for CA or a Domain Controller.

    My colleague is suggesting to install the CA service directly onto the application server that requires it.

    I can't see this being a logical approach... because if a further need for CA arrives in the future, it would be stupid to have multiple CAs spread across multiple application servers... when you could have one CA (either on a DC or its own member server) doing all the work?

    Thanks in advance!

  • #2
    Re: Installing Certificate Authority - Best Practice?

    What's the goal of this CA?
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: Installing Certificate Authority - Best Practice?

      http://www.microsoft.com/downloads/d...displaylang=en

      That's Microsoft's best practices guide, should be a good starting point.
      BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
      sigpic
      Cruachan's Blog

      Comment

      Working...
      X