I am thinking about bringing up another WinServer 2008 R2 server under VMWare and using it as my Root CA. Those who need them and they can manually import them to the Trusted RootĬertification Authorities store on their local computers, or, you couldĬreate a GPO and distribute them that way. I'm assuming that these are some kind of self-signed certificatesĪnd if that's the case then you can either send copies of the certs to There's no compelling need to stand up a CA just to get rid of those error If you already have certificates that can be used for these devices then Of course, none of this is visible to anyone outside my network, hence the use of certificates generated internally. If I can issue certificates via my own CA and then import them into the Meru and Netapp interfaces, these messages will no longer be displayed. When either me or my staff visit these interfaces we always get the message that this may not be a trusted site and have to hit "continue to this site" to get For example, my wirelessĬontrollers (Meru) and my centralized storage (Netapp) both have web based interfaces. We are a public school district with about 4,300 students and will be using the CA to issue about 5 or 6 certs to use internally. I have a small environment so my original thought was just to have a root CA and not a secondary CA. Service but it does not mention where it should be installed. What is best practice for where certificate services should be installed? On my primary domain controller? On one of the other domain controllers? On a separate member server dedicated to this service? I have found the following articles on installing this I have a number of services on campus that need self signed certificates so I can get rid of the annoying messages about services not being trusted.
Install spiceworks on seperate server install#
I want to install Microsoft Active Directory Certificate Services (AD DS) so I can generate
We have about 30 member servers running all type of services including Exchange 2007, SQL 2005, etc. We have three domain controllers all running Win Server 2008 R2.