What is the importance of deploying digital certificates on application servers in the domain ?

  • Thread starter Thread starter Marlon Brown
  • Start date Start date
M

Marlon Brown

Win2000SP4 AD domain.

Application server admin requests that I install digital certificates in the
domain to make all Application servers more protected when being accessed
from the internal network.

I would like to double check and see implications and level of importance of
doing that ? Please advise if that is troublesome to implement.
 
Ask him for exactly what purpose, as there are many certificates for
different uses. If he wants to use ipsec to encrypt traffic and use a
require ipsec policy on the application servers to restrict access, by
default kerberos will be used for computer authentication in a domain and
works very well. Otherwise certificates can be used for ipsec. It is not
that difficult to install a Certificate Authority, however users will have
to manually request certificates [in W2K] though computer certificates can
be issued by automatic request via Group Policy. The link below is for the
basics of setting up a CA. --- Steve

http://www.microsoft.com/WINDOWS2000/techinfo/planning/security/casetupsteps.asp
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

For a smaller deployment, it would be wiser buying a certificate from Verisign ? 1
help with certificate services in setting up live communications server? 1
Cannot Request Certificate 1
Should I install Certificate Authority to solve these problems ? 4
EFS Auto enroll 0
Move 2000 Certificate server to 2003 on new hardware 3
event id 80 & 77 certsvc 0
Create a computer certificate for non-connected machine? 1

Back
Top