enterprise vs stand-alone CA?

Discussion in 'Server Security' started by B L Muzzy, Mar 21, 2009.

  1. B L Muzzy

    B L Muzzy Guest

    I want to create a Certificate Authority on each of 2 DCs in a win2003
    Active Directory domain. I'm not sure if it makes better sense to set up
    Enterprise Root CAs or Stand-alone root CAs. The clients will be coldfusion
    web apps that know nothing of windows domains. So they won't be able to
    participate 'automatically' in the certificate enrollment available with
    Enterprise CAs.

    I want to have 2 CAs for failover. Each client specifies the DC that it
    will use for user creation & password changes explicitedly. That is, i
    can't tell them to authenticate with the domain, they have to authenticate
    with and communicate over SSL with a specific DC. So i want 2 for
    redundancy. If one is the root and suffers hardware failure would a
    subordinate function OK or will it choke because it has no root? In which
    case I'd think it would be better to make each their own root CA to be fully
    independent.

    I'd appreciate any advice. Thanks,

    Bob Muzzy
    B L Muzzy, Mar 21, 2009
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Josh

    Slow login on stand alone

    Josh, Dec 23, 2007, in forum: Windows Vista Performance
    Replies:
    0
    Views:
    210
  2. tke402

    Decommisioning Stand Alone Enterprise CA

    tke402, Apr 10, 2009, in forum: Windows Server
    Replies:
    1
    Views:
    252
    Meinolf Weber [MVP-DS]
    Apr 10, 2009
  3. Griff

    2003 Standard CA Stand Alone Vs. Enterprise

    Griff, Feb 14, 2005, in forum: Server Security
    Replies:
    6
    Views:
    453
    Steven L Umbach
    Feb 17, 2005
  4. Woody Kee
    Replies:
    2
    Views:
    330
    Woody Kee
    Nov 9, 2005
  5. Vlad Nevsky
    Replies:
    0
    Views:
    404
    Vlad Nevsky
    Dec 13, 2005
Loading...

Share This Page