Server certificate for DC - can I have more than one ?
Windows Server Forum Index Windows Server
Server discussion on Windows platform.
 
 FAQFAQ   MemberlistMemberlist     RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 
 
Google
 
Web winserverhelp.com
Server certificate for DC - can I have more than one ?

 
Post new topic   Reply to topic    Windows Server Forum Index -> Active Directory
Author Message
Jason
Guest
Posted: Sun Jan 16, 2005 4:55 am    Post subject: Server certificate for DC - can I have more than one ? Reply with quote
Hi , I need to run secure LDAPS on a DC. The certificate ( request ) is
generated using the IIS on the DC and server certificate was granted by a
standalone CA.

My questions are :

1) My experience is that after installed a certificate I have to re-boot the
server ( win 2K ) before the certificate could "take effect" , is this
correct and why ? Example , I have delete a certificate and installed with
a new one ( before it is expired ), but when users connected to it , they
said they could connect and the certificate is the same old one ?

2) Can I have more than one certificate for the same server which have the
same "CN" name , both of them enabled with "All purpose" but with a
different expiration date ? ( Or it has to be a different CN name ? E.g
WWW.servername.domain.com and servername.domain.com)

Any explanation highly appreciated.

Jason
Back to top
Brian Desmond [MVP]
Guest
Posted: Sun Jan 16, 2005 10:28 am    Post subject: Re: Server certificate for DC - can I have more than one ? Reply with quote
Jason,

My experience with #1 is that you can put a certificate in whiel the server
is up.

Not sure about #2, though I don't see why not.

--
--Brian Desmond
Windows Server MVP
desmondb@payton.cps.k12.il.us

www.briandesmond.com
"Jason" <jasons@hotmail.com> wrote in message
news:%23$0PZZ1%23EHA.3260@TK2MSFTNGP14.phx.gbl...
Quote:
Hi , I need to run secure LDAPS on a DC. The certificate ( request ) is
generated using the IIS on the DC and server certificate was granted by a
standalone CA.

My questions are :

1) My experience is that after installed a certificate I have to re-boot
the server ( win 2K ) before the certificate could "take effect" , is
this correct and why ? Example , I have delete a certificate and
installed with a new one ( before it is expired ), but when users
connected to it , they said they could connect and the certificate is the
same old one ?

2) Can I have more than one certificate for the same server which have the
same "CN" name , both of them enabled with "All purpose" but with a
different expiration date ? ( Or it has to be a different CN name ? E.g
WWW.servername.domain.com and servername.domain.com)

Any explanation highly appreciated.

Jason
Back to top
 
Post new topic   Reply to topic    Windows Server Forum Index -> Active Directory All times are GMT
Page 1 of 1

 
 You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum




New Topics Powered by phpBB