Stans-alone root CA or Enterprise root CA

Discussion in 'Server Security' started by pestocat, Aug 31, 2006.

  1. pestocat

    pestocat Guest

    I have a small domain that I want to setup EAP/PEAP for a WIFi wireless
    switch environment and need to issue certificate to the switch. I have
    already installed a Stand-alone root CA, but after reading Chapter 10 of
    "The Ultimate Windows Server 2003 System Administrator's Guide", I get the
    impression I should have installed Enterprise root CA. Is this correct. What
    are the tradeoffs?
    Thank you
     
    pestocat, Aug 31, 2006
    #1
    1. Advertisements

  2. Unless you are going to be using a stand alone offline root CA which would
    be very unusual for a small domain you really want to an Enterprise CA in a
    domain. If not too much of a problem you could uninstall CA services from
    the server and reinstall it as Enterprise CA. Enterprise CA can make it much
    easier to request and issue computer and possibly user certificates via
    Group Policy particularly when the CA is installed on Windows 2003
    Enterprise edition which lets you use version 2 templates. You might be able
    to do what you want to issue the certificate needed for the WIFI as is but
    down the road you may want to take more advantage of PKI in your domain and
    then you will appreciate an enterprise CA.
     
    Steven L Umbach, Sep 1, 2006
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.