Advanced Certificate Enrollment and Management

Applies To: Windows Server 2003 with SP1

Complex infrastructure environments and branch-office deployment environments often dictate unique and advanced management techniques for managing a public key infrastructure (PKI) or certificate deployment to remote servers. This white paper explains several remote deployment scenarios along with the step-by-step procedures to perform X.509 certificate enrollment to implement a secure infrastructure.

In This White Paper

Introduction (Advanced Certificate Enrollment and Management)

Requesting Offline Domain Controller Certificates (Advanced Certificate Enrollment and Management)

Processing Domain Controller Certificates

Domain Controller Certificate Installation

Removing Domain Controller Certificates

Troubleshooting (Advanced Certificate Enrollment and Management)

Appendix 1: Identifying a Domain Controller GUID

Appendix 2: Sample Scripts

Appendix 3: Certreq.exe Syntax

Appendix 4: Certutil -setextension

Appendix 5: ASN.1 File Structure

Appendix 6: Encoding and Decoding with Hexadecimal, Binary, and Base64

Summary (Advanced Certificate Enrollment and Management)

Related Links (Advanced Certificate Enrollment and Management)