So, I was given the mission of creating a small internal pki to
authenticate SSL apaches and maybe some other little stuff. We have an
Active Directory service already working, but not using the Certificate
Services and etcetera.
We choose to use openssl to generate the CA and certificates using
OpenSSL since we'll be removing Active Directory and Exchange sometime
in the next months, but in the meantime I need to publish our new CA
certificate to the entire windows network. Of course, I can email
everybody and ask they toaccess the .crt/.der on a http address or
something, but I would like to do that in a more transparent way.
I read something about the certutil app on windows/AD but I'm not very
sure how it works, can anyone point me some documentation or even
provide any information about how to install the CA certificate on a
large network?
Thanks.
[]s
Jose P. E. Junior
CSS/CGI -MDS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
