why can't I use my own CA for a digital ID?

N

neo [mvp outlook]

You could, but anyone external to your agency/network wouldn't have a copy
of your root CA on their machine. This alone would net the person an
information dialog on asking whether or not the certificate should be
trusted.
 
S

Spin

I don't mind that. They could import the certificate onto their machine,
and then they won't be prompted anymore. This way I can do email encryption
with my IT colleagues (as we practice for our MCSE) without having to pay
for a true public cert. from the likes of VeriSign, etc...

So, I am looking for instructions on whole to request a cert from my own CA
to use for my email client. I have already done this successfully requested
a certificate (web template) for an IIS Server to do SSL. Sure, browsers
get prompted with an information dialog on asking whether or not the
certificate should be trusted, but heck, this is all just practice anyway!

--

neo said:
You could, but anyone external to your agency/network wouldn't have a copy
of your root CA on their machine. This alone would net the person an
information dialog on asking whether or not the certificate should be
trusted.
--
Neo [MVP Outlook]
Due to the Swen virus, all e-mails sent to this account will be deleted
w/out reading.


Spin said:
Using Outlook Express 6.0 as my Internet email client. According to this
link:
Click to expand...
http://office.microsoft.com/assistance/preview.aspx?AssetID=HA010547821033&C
Click to expand...
 
L

Laura A. Robinson [MVP]

circa Sat, 17 Jan 2004 00:38:38 -0500, in
microsoft.public.windows.server.general, Spin ([email protected]) said,
Using Outlook Express 6.0 as my Internet email client. According to this
link:

http://office.microsoft.com/assistance/preview.aspx?AssetID=HA010547821033&C
TT=6&Origin=EC010553071033

I may only get digital IDs from Verisign, GlobalSign, BT, or Thawte. I
created my own internal CA, so why can't I use that for a digital ID?
Click to expand...
Well, technically, you could. The problem is, everybody to whom you
send e-mail would have to add your CA to their trusted CAs lists in
order for this idea to work.

Laura
 
L

Laura A. Robinson [MVP]

circa Sat, 17 Jan 2004 09:44:14 -0500, in
microsoft.public.windows.server.general, Spin ([email protected]) said,
I don't mind that. They could import the certificate onto their machine,
and then they won't be prompted anymore. This way I can do email encryption
with my IT colleagues (as we practice for our MCSE) without having to pay
for a true public cert. from the likes of VeriSign, etc...

So, I am looking for instructions on whole to request a cert from my own CA
to use for my email client. I have already done this successfully requested
a certificate (web template) for an IIS Server to do SSL. Sure, browsers
get prompted with an information dialog on asking whether or not the
certificate should be trusted, but heck, this is all just practice anyway!
Click to expand...
Start -> Run -> MMC. Add the Certificates snap-in. Start right-
clicking. You'll find it. :)

Laura
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Digital ID error: Underlying security system cannot find the ID, e 0
Should I install my own CA for use with OWA? 6
Partitions -- can't load XP... also, what is my XP ID number for online assist? 3
WTD: Nvidia Videocard for 4x AGP Slot 0
FWT Newsletter - Weekly - October 18, 2004 0
FWT Newsletter - Weekly - October 11, 2004 0
FWT Newsletter - Weekly - November 10, 2003 3
FWT Newsletter - Weekly - September 6, 2004 1

Top