G
Guest
hi all
currently we have a CA running, but since it is not accessible most of the
time, Certifcates for IIS Portal Users can not be issued in time.
Therefor we need to make a new TRUSTED CA.
There are approx 500 Users and 100 user migrations per year.
Since the Certificate that the CA issues must be trusted, what options do we
have?
Can we have a new CA, and make a trusted root certificate for the IIS Server
and make Certificates for all users and map the new ones to the already
existing users on the IIS (like many-to-one)
What needs to be done so the end user does not realize that there is a new
CA, and what is needed for a trusted certifacate (all green, no yellow in the
dialog box)
im sorry if my explanation is a bit rough, but im doing a solution design
and am not really a CA specialist. It would be helpfull to have some valuable
input form professionals on what is realistic and what is not.
currently we have a CA running, but since it is not accessible most of the
time, Certifcates for IIS Portal Users can not be issued in time.
Therefor we need to make a new TRUSTED CA.
There are approx 500 Users and 100 user migrations per year.
Since the Certificate that the CA issues must be trusted, what options do we
have?
Can we have a new CA, and make a trusted root certificate for the IIS Server
and make Certificates for all users and map the new ones to the already
existing users on the IIS (like many-to-one)
What needs to be done so the end user does not realize that there is a new
CA, and what is needed for a trusted certifacate (all green, no yellow in the
dialog box)
im sorry if my explanation is a bit rough, but im doing a solution design
and am not really a CA specialist. It would be helpfull to have some valuable
input form professionals on what is realistic and what is not.