G
Graham Walmsley
Hi,
Looking at all the documentation for IPSec it mentions that the certificates
at each end of the connection have to be trusted by the other end. It
indicates that the certificate for the issuing authority must be installed
on each end of the link for a certificate to be trusted.
I am running my own CA and everything is working, but I want to make sure
that only computers with a certificate issued by my own CA are allowed to
connect. If someone has a certificate issued, for example, by Verisign, and
I have Verisign certificates on my server (they are installed with IE) does
that mean that the Verisign issued certificate is trusted?
I hope that made sense!
I am using Windows 2000 with the Microsoft CA.
Any answer or pointers to the correct documents would be great
Graham
Looking at all the documentation for IPSec it mentions that the certificates
at each end of the connection have to be trusted by the other end. It
indicates that the certificate for the issuing authority must be installed
on each end of the link for a certificate to be trusted.
I am running my own CA and everything is working, but I want to make sure
that only computers with a certificate issued by my own CA are allowed to
connect. If someone has a certificate issued, for example, by Verisign, and
I have Verisign certificates on my server (they are installed with IE) does
that mean that the Verisign issued certificate is trusted?
I hope that made sense!
I am using Windows 2000 with the Microsoft CA.
Any answer or pointers to the correct documents would be great
Graham