Operating a PKI: Revoking Orphaned Certificates (Video)

This video covers the steps necessary to revoke orphaned certificates. Additional information on this topic is available at http://blogs.technet.com/b/xdot509/archive/2013/06/18/operating-a-pki-revoking-orphaned-certificates.aspx. Revoking Orphaned Certificats

0

Operating a PKI: Revoking Orphaned Certificates

Orphaned certificates are certificates that are issued by a Certification Authority, but after issuing the certificates the Certification Authority has no knowledge of the certificates.  This situation most commonly occurs after the restore of a Certification Authority. is illustrated in the graphic below.  In this example the CA is backed up at Time 0.  After…

0

Operating a PKI: SMTP Exit Module

I am back to discuss the SMTP Exit Module.  The SMTP Exit Module is a very useful monitoring tool, yet so many are unaware of the SMTP Exit Module.  In this blog posting I am going to answer the following questions and address the following topics related to the SMTP Exit Module: What is an…

1

PKI Tip: More Certificate Store Shortcuts

Shortly after I posted PKI Tip: Certificate Store Shortcuts, Tom Aafloen (@TomAafloen) let me know of another easy way to access the Certificate Stores in Windows 8 & Windows Server 2012. Step 1.  Hold down the Windows key on the keyboard and press the W Key (Windows key + W key) to search settings. Step…

0

PKI Tip: Certificate Store Shortcuts

For those that spend time managing certificates I wanted to highlight some shortcuts for certificate management.  For a while now we have been able to directly access the Certificate MMC targeted for the Current User by launching certmgr.msc. Which opens up the Certificate MMC targeted for the Current User as seen below. The Bad News…

0

Operating a PKI: CA Certificate Renewals and OCSP

There are some effects that CA Certificate Renewal has on OCSP.  OCSP provides revocation checking information for clients.  For, each CA an OCSP Responder has a Revocation Configuration.  Each Revocation Configuration has an OCSP Signing Certificate associated with it.  The private key of the OCSP Signing Certificate is used to sign OCSP Responses so that…

0

Operating a Windows PKI: Renewing CA Certificates

In the previous blog posting (Operating a Windows PKI: Certification Authority Certificate Lifecycle and Renewals) I covered considerations for the CA Certificates lifecycle and when CA certificates should be renewed.  In this blog posting, I am going to cover some additional considerations and walkthrough the process of renewing CA Certificates. CRLNameSuffix Two important things to…

1