F
Francisco J. Gaspar
Guest
Hi,
I have an active directory called exampledomain.com (it is just an example). I have installed an Enterprise CA to issue certificates for that domain.
In the active directory, we have an Exchange server which provides mail for @example.com domain.
My customer wants to be able to issue user certificates from Enterprise CA that allow users to sign their emails, so that the trusted chain not be broken. As exampledomain.com is not a wideworld trusted certificate authority, any certificate issued by it won't be trusted outside the company. But the company doesn't want to pay for each employee signing certificate.
How can this be achieved? I guess that we will have to purchase some kind of certificate to Verisign or any other provider, and install in somewhere in our CA, but I don't know the process.
Can anybody help me?
Continue reading...
I have an active directory called exampledomain.com (it is just an example). I have installed an Enterprise CA to issue certificates for that domain.
In the active directory, we have an Exchange server which provides mail for @example.com domain.
My customer wants to be able to issue user certificates from Enterprise CA that allow users to sign their emails, so that the trusted chain not be broken. As exampledomain.com is not a wideworld trusted certificate authority, any certificate issued by it won't be trusted outside the company. But the company doesn't want to pay for each employee signing certificate.
How can this be achieved? I guess that we will have to purchase some kind of certificate to Verisign or any other provider, and install in somewhere in our CA, but I don't know the process.
Can anybody help me?
Continue reading...