Guest Lutz Posted January 20, 2009 Posted January 20, 2009 Hi, we have a running Windows 2003 PKI and just want add a Windows 2008 OCSP resonder. I am clear in the point how to add AIA to certificates. My questions are: - Can I sign a OCSP signing certificate with a Windows 2003 Standalone CA? - How can I generate a CSR from the OCSP MMC on Win2008 (OCSP responder machine is not a domain member)? - Can I use as alternative openSSL to generate OCSPsigning key and CSR? If so, can someone provide a config file? Any feedback is appreciated. Regards, Lutz Quote
Guest Peter Foldes Posted January 20, 2009 Posted January 20, 2009 Lutz You posted to the public.security newsgroup and it should have been posted to the windows.server.security newsgroup. Please repost it there news://msnews.microsoft.com/microsoft.publ...server.security -- Peter Please Reply to Newsgroup for the benefit of others Requests for assistance by email can not and will not be acknowledged. "Lutz" <Lutz.MHipper@gmail.com> wrote in message news:73761a2f-4e75-498d-a00e-a27d9b2c2e4e@w34g2000yqm.googlegroups.com...<span style="color:blue"> > Hi, we have a running Windows 2003 PKI and just want add a Windows > 2008 OCSP resonder. I am clear in the point how to add AIA to > certificates. My questions are: > - Can I sign a OCSP signing certificate with a Windows 2003 Standalone > CA? > - How can I generate a CSR from the OCSP MMC on Win2008 (OCSP > responder machine is not a domain member)? > - Can I use as alternative openSSL to generate OCSPsigning key and > CSR? If so, can someone provide a config file? > Any feedback is appreciated. > Regards, > Lutz </span> Quote
Guest Brian Komar \(MVP\) Posted January 20, 2009 Posted January 20, 2009 Actually, I see no problem posting it here, Peter. Just my opinion though... Brian "Peter Foldes" <okf122@hotmail.com> wrote in message news:#bGh0MxeJHA.5040@TK2MSFTNGP02.phx.gbl...<span style="color:blue"> > Lutz > > You posted to the public.security newsgroup and it should have been posted > to the windows.server.security newsgroup. Please repost it there > > news://msnews.microsoft.com/microsoft.publ...server.security > > > -- > Peter > > Please Reply to Newsgroup for the benefit of others > Requests for assistance by email can not and will not be acknowledged. > > "Lutz" <Lutz.MHipper@gmail.com> wrote in message > news:73761a2f-4e75-498d-a00e-a27d9b2c2e4e@w34g2000yqm.googlegroups.com...<span style="color:green"> >> Hi, we have a running Windows 2003 PKI and just want add a Windows >> 2008 OCSP resonder. I am clear in the point how to add AIA to >> certificates. My questions are: >> - Can I sign a OCSP signing certificate with a Windows 2003 Standalone >> CA? >> - How can I generate a CSR from the OCSP MMC on Win2008 (OCSP >> responder machine is not a domain member)? >> - Can I use as alternative openSSL to generate OCSPsigning key and >> CSR? If so, can someone provide a config file? >> Any feedback is appreciated. >> Regards, >> Lutz</span> > </span> Quote
Guest Peter Foldes Posted January 20, 2009 Posted January 20, 2009 Hi Brian I appreciate your input but my opinion somewhat differs from yours. If a poster posts to the public.security newsgroup it will be most likely posters that are using OS's such as Windows 98 to Windows Vista. If the OP is posting concerning a Windows Server such as this OP did then I believe that the post belongs to the windows.server.security newsgroup where other who are using the W2K3 can also benefit from the answer. Although you and some others are capable to answer this OP and I also use W2K3 as you can see from my posting Properties, I do not see a point of doing it here in the public security. Thanks Brian -- Peter Please Reply to Newsgroup for the benefit of others Requests for assistance by email can not and will not be acknowledged. "Brian Komar (MVP)" <brian.komar@nospam.identit.ca> wrote in message news:ezum66yeJHA.4444@TK2MSFTNGP04.phx.gbl...<span style="color:blue"> > Actually, I see no problem posting it here, Peter. > Just my opinion though... > Brian > > "Peter Foldes" <okf122@hotmail.com> wrote in message > news:#bGh0MxeJHA.5040@TK2MSFTNGP02.phx.gbl...<span style="color:green"> >> Lutz >> >> You posted to the public.security newsgroup and it should have been posted to the >> windows.server.security newsgroup. Please repost it there >> >> news://msnews.microsoft.com/microsoft.publ...server.security >> >> >> -- >> Peter >> >> Please Reply to Newsgroup for the benefit of others >> Requests for assistance by email can not and will not be acknowledged. >> >> "Lutz" <Lutz.MHipper@gmail.com> wrote in message >> news:73761a2f-4e75-498d-a00e-a27d9b2c2e4e@w34g2000yqm.googlegroups.com...<span style="color:darkred"> >>> Hi, we have a running Windows 2003 PKI and just want add a Windows >>> 2008 OCSP resonder. I am clear in the point how to add AIA to >>> certificates. My questions are: >>> - Can I sign a OCSP signing certificate with a Windows 2003 Standalone >>> CA? >>> - How can I generate a CSR from the OCSP MMC on Win2008 (OCSP >>> responder machine is not a domain member)? >>> - Can I use as alternative openSSL to generate OCSPsigning key and >>> CSR? If so, can someone provide a config file? >>> Any feedback is appreciated. >>> Regards, >>> Lutz</span> >> </span></span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.