What is the importance of deploying digital certificates on application servers in the domain ?

  • Thread starter Thread starter Marlon Brown
  • Start date Start date
M

Marlon Brown

Win2000SP4 AD domain.

Application server admin requests that I install digital certificates in the
domain to make all Application servers more protected when being accessed
from the internal network.

I would like to double check and see implications and level of importance of
doing that ? Please advise if that is troublesome to implement.
 
Ask him for exactly what purpose, as there are many certificates for
different uses. If he wants to use ipsec to encrypt traffic and use a
require ipsec policy on the application servers to restrict access, by
default kerberos will be used for computer authentication in a domain and
works very well. Otherwise certificates can be used for ipsec. It is not
that difficult to install a Certificate Authority, however users will have
to manually request certificates [in W2K] though computer certificates can
be issued by automatic request via Group Policy. The link below is for the
basics of setting up a CA. --- Steve

http://www.microsoft.com/WINDOWS2000/techinfo/planning/security/casetupsteps.asp
 
Back
Top