Standalone CA setup in Windows Server 2003 Std

01-09-2009

I am now setting up standalone Certificate Authority (Root & Subordinate CA)
using Windows Server 2003 R2 Standard Edition.

Under the default setting, the "Key Usage" for both CA are "Digital
Signature, Certificate Signing, Off-line CRL Signing, CRL Signing (86)".

How can I change the key usage to "Digital Signature, Non-Repudiation,
Certificate Signing, Off-line CRL Signing, CRL Signing (c6)"?

Also, in the "Authority Key Identifier" field, I would like to include both
"Certificate Issuer" & "Certificate Serialnumber" into this field. I tried
the following command already but it didn't work.

certutil -setreg policy\EditFlags +EDITF_ENABLEAKIISSUERNAME
certutil -setreg policy\EditFlags +EDITF_ENABLEAKIISSUERSERIAL

Does anyone know how to solve this?

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
New DFS Standalone 2008 Namespace / Migrate standalone 2003 server	Chris Meehan	Windows Server	5	03-27-2009 02:43 PM
Windows Update Client standalone setup cannot be run in wow64 mode	Shaun	Update Services	0	06-27-2007 05:26 PM
Standalone antivirus for Windows 2003 Server Standard	Arnold	Windows Server	3	01-04-2007 09:32 PM
Windows Storage Server 2003 - operate standalone?	Patrick Hunter	Windows Server	0	12-08-2005 02:49 PM
RRAS setup from AD server to remote standalone server	Scorpiosez	Server Networking	1	05-11-2004 04:21 AM