S
schapman
We are using EAP-TLS for our wireless network. And were wondering,
when a user makes a request for a certificate to authenticate they
have the option to mark their private keys as exportable (We're using
the mSOFT certification authority). This means they can move that
certificate to another machine if they want. We want to stop this from
being able to happen. When they make the request, I am the one that
has to issue the certificate, but from what I can see in the
Certificate snap-in there is no way to see if they had that option
checked. Does anyone know if it's possible and/or how to disable that
ability? or do we have to switch to a different certification
authority that supports it?
when a user makes a request for a certificate to authenticate they
have the option to mark their private keys as exportable (We're using
the mSOFT certification authority). This means they can move that
certificate to another machine if they want. We want to stop this from
being able to happen. When they make the request, I am the one that
has to issue the certificate, but from what I can see in the
Certificate snap-in there is no way to see if they had that option
checked. Does anyone know if it's possible and/or how to disable that
ability? or do we have to switch to a different certification
authority that supports it?