enterprise vs stand-alone CA?

Discussion in 'Server Security' started by B L Muzzy, Mar 21, 2009.

  1. B L Muzzy

    B L Muzzy Guest

    I want to create a Certificate Authority on each of 2 DCs in a win2003
    Active Directory domain. I'm not sure if it makes better sense to set up
    Enterprise Root CAs or Stand-alone root CAs. The clients will be coldfusion
    web apps that know nothing of windows domains. So they won't be able to
    participate 'automatically' in the certificate enrollment available with
    Enterprise CAs.

    I want to have 2 CAs for failover. Each client specifies the DC that it
    will use for user creation & password changes explicitedly. That is, i
    can't tell them to authenticate with the domain, they have to authenticate
    with and communicate over SSL with a specific DC. So i want 2 for
    redundancy. If one is the root and suffers hardware failure would a
    subordinate function OK or will it choke because it has no root? In which
    case I'd think it would be better to make each their own root CA to be fully
    independent.

    I'd appreciate any advice. Thanks,

    Bob Muzzy
     
    B L Muzzy, Mar 21, 2009
    #1

    1. Advertisements

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads
  1. Josh

    Slow login on stand alone

    Josh, Dec 23, 2007, in forum: Windows Vista Performance
    Replies:
    0
    Views:
    398
    Josh
    Dec 23, 2007
  2. TJ

    ? How to: Folder Redirection / Stand-alone Vista ?

    TJ, Dec 10, 2006, in forum: Windows Vista File Management
    Replies:
    0
    Views:
    496
    TJ
    Dec 10, 2006
  3. Tech Support

    how do I get vista to join window server2003 stand alone domain?

    Tech Support, Aug 14, 2007, in forum: Windows Vista Networking
    Replies:
    1
    Views:
    364
    Robert L [MVP - Networking]
    Aug 15, 2007
  4. xiowan

    Vista Home Premium/SP1 stand alone clean install procedure

    xiowan, Mar 25, 2008, in forum: Windows Vista Installation
    Replies:
    5
    Views:
    469
    xiowan
    Mar 25, 2008
  5. tke402

    Decommisioning Stand Alone Enterprise CA

    tke402, Apr 10, 2009, in forum: Windows Server
    Replies:
    1
    Views:
    363
    Meinolf Weber [MVP-DS]
    Apr 10, 2009
  6. Griff

    2003 Standard CA Stand Alone Vs. Enterprise

    Griff, Feb 14, 2005, in forum: Server Security
    Replies:
    6
    Views:
    652
    Steven L Umbach
    Feb 17, 2005
  7. Woody Kee

    What diffrent between Stand-alone CA and Enterprise CA

    Woody Kee, Nov 8, 2005, in forum: Server Security
    Replies:
    2
    Views:
    541
    Woody Kee
    Nov 9, 2005
  8. Vlad Nevsky

    Migrate Enterprise root authority CA to stand-alone root CA

    Vlad Nevsky, Dec 13, 2005, in forum: Server Security
    Replies:
    0
    Views:
    651
    Vlad Nevsky
    Dec 13, 2005
Loading...