How to install a Root Certification Authority - Step-by-step

"The root of the trust chain in any PKI is the Root Certification Authority."

For security reasons the machine that you will be using is an isolated / standalone / non-domain joined machine. You want to limit access to this machine as much as possible.

The function of the Root CA is to "generate the server certificates that will be installed on the subordinate CAs. And those subordinate CAs will actually distribute user and computer certificates."

Note that the default hash algorithm SHA-1 has been flagged as weak meanwhile. As this will be the root CA you can and should go for something strong like SHA512 and a key length of 4096 bits.


Sources:

Keywords:
Windows Server 2012 R2, Active Directory, Certification Authority

Comments

Post a Comment

Popular posts from this blog

SQL Server Setup: Windows Firewall warning (Ports)

Image
What was it again SQL server setup throws out, when you have your Windows Firewall on?! Rule "Windows Firewall" generated a warning. The Windows Firewall is enabled. Make sure the appropriate ports are open to enable remote access. See the rules documentation at http://go.microsoft.com/fwlink/?LinkId=94001 for information about ports to open for each feature. Keywords: Setup, Firewall, Ports, SQL Server, Microsoft
Read more

SQL Server 2014 Enterprise Edition: Server Setup: Feature Selection

Note: Still needs Microsoft .NET Framework 3.5. Instance Features The configuration and operation of each instance feature of a SQL Server instance is isolated from other SQL Server instances. SQL Server instances can operate side-by-side on the same computer. Database Engine Services Includes the Database Engine, the core service for storing, processing and securing data. The Database Engine provides controlled access and rapid transaction processing and also provides rich support for sustaining high availability. The Database Engine also provides support for the utility control point in the SQL Server Utility. Only Database Engine Services and Analysis Services can be clustered. SQL Server Replication Includes a set of technologies for copying and distributing data and database objects from one database to another and synchronizing between the databases for consistency. You can use replication to distribute data to different locations, and to remote a
Read more

How to read an assembly.dll.config

There is the common misconception that only a app.exe.config can be read in .NET C#. The truth is that the app.config is automatically read, while any other (correctly formed) app.config XML file can be read "manually". To open a named config file: Reference System.Configuration.dll assembly Using System.Configuration Create code like: Configuration GetDllConfiguration(Assembly targetAsm) { var configFile = targetAsm.Location + ".config"; var map = new ExeConfigurationFileMap { ExeConfigFilename = configFile }; return ConfigurationManager.OpenMappedExeConfiguration(map, ConfigurationUserLevel.None); } Sources: stackoverflow: Reading dll.config (not app.config!) from a plugin module Keywords: .NET, C#, app.config, dll.config, ConfigurationManager
Read more