Windows Vista Tips

Windows Vista Tips > Newsgroups > Windows Server > Server Security > enterprise vs stand-alone CA?

Thread Tools Display Modes

enterprise vs stand-alone CA?

B L Muzzy
Posts: n/a

I want to create a Certificate Authority on each of 2 DCs in a win2003
Active Directory domain. I'm not sure if it makes better sense to set up
Enterprise Root CAs or Stand-alone root CAs. The clients will be coldfusion
web apps that know nothing of windows domains. So they won't be able to
participate 'automatically' in the certificate enrollment available with
Enterprise CAs.

I want to have 2 CAs for failover. Each client specifies the DC that it
will use for user creation & password changes explicitedly. That is, i
can't tell them to authenticate with the domain, they have to authenticate
with and communicate over SSL with a specific DC. So i want 2 for
redundancy. If one is the root and suffers hardware failure would a
subordinate function OK or will it choke because it has no root? In which
case I'd think it would be better to make each their own root CA to be fully

I'd appreciate any advice. Thanks,

Bob Muzzy

Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
2008 Enterprise Licensing: are 4 "Enterprise" VMs allowed? Quatres Windows Server 1 05-27-2009 01:51 PM
enterprise 2003 to 64bit enterprise psanborn Windows Server 1 08-13-2008 11:04 AM
RE: Enterprise W2k3/Enterprise Exchange to SBS migration? Manfred Zhuang [MSFT] Windows Small Business Server 0 02-27-2008 10:42 AM
2003 Enterprise SP2 or 2003 Enterprise R2 gocrm Windows Server 0 03-23-2007 10:29 AM
I've installed a commercial copy of 2003 Enterprise over a 2003 enterprise trial and activation troubles ... Leandro Becker Windows Server 0 06-08-2004 06:17 PM