This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
links:pki [2015/09/21 10:17] jdg |
links:pki [2019/03/06 07:33] (current) |
||
---|---|---|---|
Line 33: | Line 33: | ||
* AIA = [[wp>PKI_Resource_Query_Protocol#Certificate_Extensions|Authority Information Access]] (defined in [[https://www.ietf.org/rfc/rfc3280.txt|RFC-3280]]) | * AIA = [[wp>PKI_Resource_Query_Protocol#Certificate_Extensions|Authority Information Access]] (defined in [[https://www.ietf.org/rfc/rfc3280.txt|RFC-3280]]) | ||
* PRQP = [[wp>PKI_Resource_Query_Protocol|PKI Resource Query Protocol]] is similar (in concept) to a 'DNS for PKI resources' | * PRQP = [[wp>PKI_Resource_Query_Protocol|PKI Resource Query Protocol]] is similar (in concept) to a 'DNS for PKI resources' | ||
+ | * [[https://www.ietf.org/rfc/rfc3647.txt|RFC-3647]] Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework | ||
===== PEN ===== | ===== PEN ===== | ||
Line 146: | Line 147: | ||
* [[https://technet.microsoft.com/en-us/library/cc732590.aspx|Implement Role-Based Administration]] (Applies To: Windows Server 2008 R2) | * [[https://technet.microsoft.com/en-us/library/cc732590.aspx|Implement Role-Based Administration]] (Applies To: Windows Server 2008 R2) | ||
* [[https://technet.microsoft.com/en-us/library/hh831822.aspx|Certificate Enrollment Web Service Guidance]] (Applies To: Windows Server 2012 R2, Windows Server 2012) | * [[https://technet.microsoft.com/en-us/library/hh831822.aspx|Certificate Enrollment Web Service Guidance]] (Applies To: Windows Server 2012 R2, Windows Server 2012) | ||
- | * [[http://social.technet.microsoft.com/wiki/contents/articles/7734.certificate-enrollment-web-services-in-active-directory-certificate-services.aspx|Certificate Enrollment Web Services in Active Directory Certificate Services] (Applies to Windows Server 2008 R2 and Windows Server 2012) | + | * [[http://social.technet.microsoft.com/wiki/contents/articles/7734.certificate-enrollment-web-services-in-active-directory-certificate-services.aspx|Certificate Enrollment Web Services in Active Directory Certificate Services]] (Applies to Windows Server 2008 R2 and Windows Server 2012) |
- | * OCSP | + | * [[https://technet.microsoft.com/en-us/library/cc700843.aspx|Troubleshooting Certificate Status and Revocation]] |
+ | * [[https://technet.microsoft.com/en-us/library/cc754154.aspx|Establish Restricted Enrollment Agents]] | ||
+ | * [[https://technet.microsoft.com/en-us/library/cc783835(v=ws.10).aspx|Requesting Offline Domain Controller Certificates (Advanced Certificate Enrollment and Management)]] | ||
+ | * [[https://technet.microsoft.com/en-us/library/cc732517(v=ws.10).aspx|AD CS: Web Enrollment]] | ||
+ | * | ||
+ | ===== OCSP ===== | ||
+ | |||
* [[ | * [[ | ||
https://technet.microsoft.com/en-us/library/cc770413(v=ws.10).aspx | https://technet.microsoft.com/en-us/library/cc770413(v=ws.10).aspx | ||
Line 153: | Line 161: | ||
* OCSP -> [[https://technet.microsoft.com/en-us/library/cc731099.aspx|Creating a Revocation Configuration]] (Applies To: Windows Server 2008 R2) | * OCSP -> [[https://technet.microsoft.com/en-us/library/cc731099.aspx|Creating a Revocation Configuration]] (Applies To: Windows Server 2008 R2) | ||
* https://raymii.org/s/articles/OpenSSL_Manually_Verify_a_certificate_against_an_OCSP.html | * https://raymii.org/s/articles/OpenSSL_Manually_Verify_a_certificate_against_an_OCSP.html | ||
+ | * [[http://blogs.technet.com/b/askds/archive/2009/06/30/implementing-an-ocsp-responder-part-iv-configuring-ocsp-for-use-with-standalone-cas.aspx|Implementing an OCSP responder: Part IV - Configuring OCSP for use with Standalone CAs]] | ||
+ | * [[http://www.sysadmins.lv/blog-en/the-case-of-ocsp-configuration-for-use-with-standalone-cas.aspx|The case of OCSP configuration for use with Standalone CAs]] | ||
+ | * [[http://blogs.technet.com/b/configmgrteam/archive/2009/05/01/how-to-publish-the-crl-on-a-separate-web-server.aspx|How to Publish the CRL on a Separate Web Server]] | ||
+ | * [[https://social.technet.microsoft.com/forums/windowsserver/en-US/752b531e-9bc0-4525-b0d8-7046888c9005/ocsp-issue-unable-to-get-good-response-from-online-responder|OCSP issue - Unable to get good response from online responder]] | ||
===== Microsoft DA ===== | ===== Microsoft DA ===== | ||
Line 187: | Line 199: | ||
certlm.msc = Local Certificates Local Computer | certlm.msc = Local Certificates Local Computer | ||
certtmpl.msc = Certificate Templates | certtmpl.msc = Certificate Templates | ||
+ | cluadmin.msc = Cluster Administrator | ||
dsa.msc = AD Users and Computers | dsa.msc = AD Users and Computers | ||
gpedit.msc = Local Group Policy Editor | gpedit.msc = Local Group Policy Editor | ||
Line 211: | Line 224: | ||
18-06-2013 16:47 92.746 services.msc | 18-06-2013 16:47 92.746 services.msc | ||
18-06-2013 17:30 64.923 wbadmin.msc | 18-06-2013 17:30 64.923 wbadmin.msc | ||
+ | </code> <code> | ||
+ | Windows 8, Server 2012: save screenshot directly to file: | ||
+ | - press <Windows> key + <Prt Sc> (Print Screen) | ||
+ | - full screen PNG is directly saved to $HOME\Pictures\Screenshots\ | ||
</code> | </code> | ||
* MMC = [[wp>Microsoft_Management_Console|Microsoft Management Console]] | * MMC = [[wp>Microsoft_Management_Console|Microsoft Management Console]] | ||
Line 221: | Line 238: | ||
http://burgerhout.org/directaccess-troubleshooting-tool/ | http://burgerhout.org/directaccess-troubleshooting-tool/ | ||
|DirectAccess Troubleshooting Tool]] | |DirectAccess Troubleshooting Tool]] | ||
- | |||
===== Microsoft Bitlocker ===== | ===== Microsoft Bitlocker ===== | ||