This blog post finishes a Certificate Autoenrollment in Windows Server 2016 blog post series. Here is a list of posts in the series:
First part makes introduction to certificate autoenrollment and describes certificate enrollment architecture in Windows 10 and Windows Server 2016.
Second part explains certificate autoenrollment architecture, its components and detailed processing rules.
Third part provides a step-by-step guide on configuring and utilizing certificate autoenrollment feature.
The last part provides information about advanced certificate autoenrollment features, scenarios and troubleshooting guide. Next section contains a list of reference documents used to write this whitepaper.
References
- Certificate Autoenrollment in Windows XP by David B. Cross (Microsoft)
(https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-xp/bb456981(v=technet.10))
- [MS-CERSOD]: Certificate Services Protocols Overview — Open Protocol Specifications, Microsoft (https://msdn.microsoft.com/en-us/library/hh297583.aspx)
- [MS-CAESO]: Certificate Autoenrollment System Overview [ARCHIVED] — Open Protocol Specifications, Microsoft (https://msdn.microsoft.com/en-us/library/jj633107.aspx)
- [MS-WCCE]: Windows Client Certificate Enrollment Protocol — Open Protocol Specifications, Microsoft (https://msdn.microsoft.com/en-us/library/cc249879.aspx)
- [MS-XCEP]: X.509 Certificate Enrollment Policy Protocol — Open Protocol Specifications, Microsoft (https://msdn.microsoft.com/en-us/library/dd302869.aspx)
- [MS-WSTEP]: WS-Trust X.509v3 Token Enrollment Extensions — Open Protocol Specifications, Microsoft (https://msdn.microsoft.com/en-us/library/dd340609.aspx)
- [MS-CRTD]: Certificate Templates Structure — Open Protocol Specifications, Microsoft
(https://msdn.microsoft.com/en-us/library/cc226517.aspx)
- RFC 5272: Certificate Management over CMS (CMC) — Internet Engineering Task Force
(https://tools.ietf.org/html/rfc5272)
- Active Directory Certificate Services Longhorn Beta3 Key Archival and Recovery — Whitepaper, Microsoft (
https://www.microsoft.com/en-us/download/details.aspx?id=19952, https://www.sysadmins.lv/dl/49.aspx)
- Implementing and Administering Certificate Templates in Windows Server 2008 — Whitepaper, Microsoft (
https://www.microsoft.com/en-us/download/details.aspx?id=19169, https://www.sysadmins.lv/dl/44.aspx)*
- Query and Manage Event Logs with the Windows Events Command Line Utility (https://technet.microsoft.com/en-us/library/dd310329.aspx)
- Certificate Rebind in IIS 8.5 — Microsoft Docs, Microsoft (https://docs.microsoft.com/iis/get-started/whats-new-in-iis-85/certificate-rebind-in-iis85)
- Superseded Certificate Templates and impact on user’s AD store — Microsoft Support Knowledge Base (https://support.microsoft.com/en-us/help/2884551/superseded-certificate-templates-and-impact-on-user-s-ad-store)
- Certificate Enrollment Web Services in Active Directory Certificate Services — Whitepaper, Microsoft (https://social.technet.microsoft.com/wiki/contents/articles/7734.certificate-enrollment-web-services-in-active-directory-certificate-services.aspx
* — the link is dead. No replacement link is available.
Download
Here is full-featured printable version of the whitepaper:
Comments: