Can anyone shed any light on how I can import a Verisign Secure Server ID into a Win2K stand-alone Root CA... do I need to use DSSTORE.EXE ? It looks like the import file has to be in PKCS#12 format... is this the case ?
Also, I take it that it's possible for subordinate Enterprise and stand-alone CA's in the certificate hierarchy to use that 3rd party certificate.. or will each of these also require their own certificate from Verisign ?.... I'm planning on using the subordinate Enterprise CA to issue certificates to AD clients for e-mail signing, HTTPS (OWA), IPSEC etc...with the stand-alone subordinate issuing certificates to external customers Verisign's website isn't much use and seems too web server oriented. Microsoft's documentation is a little too high level, so any practical examples on how this can be accomplished or URL's would be appreciated.. the only other suitable product I've seen is Omnitool from Baltimore. Thanks Mylo List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
