|
I also see that The certificate that I see from
right clicking the CA is as attached. But when I check using a utility from my
machine, I see the following information:
Subject name: CN=kaling.meta.test
Issuer name :
C=IN, L=Pune, O=PSPL, OU=support, CN=meta-test
Valid from (dd/mm/yyyy):
25/03/2004
Valid to (dd/mm/yyyy): 25/03/2006
Which is not matching.
How can I correct this?
----- Original Message -----
Sent: Tuesday, March 01, 2005 1:30
AM
Subject: Re: [ActiveDir] Problem using
Certificates to connect to AD machine
I generated this certificate from the CA and it
says, it doesn't have enough information to verify this
certificate!
I generated a new certificate from
"Personal->certificate" from Certificate snap-in. Then copied this
certificate onto my machine and installed it here under the "Trusted Root
Certification Authorities" store. But am still not able to
connect.
:-(
----- Original Message -----
Sent: Monday, February 28, 2005 11:33
PM
Subject: Re: [ActiveDir] Problem using
Certificates to connect to AD machine
This is the error number I am able to
see.....
session=3741BE8 cannot negotiate SSL security
error 8048
can you speculate what this means?
----- Original Message -----
Sent: Monday, February 28, 2005 9:03
PM
Subject: Re: [ActiveDir] Problem
using Certificates to connect to AD machine
If you installed the CA on the PDC then did
you install it as an Enterprise CA?
If this is a production environment you
should really understand the PKI needs for your company
currently, and any future plans.
In a nutshell you need a Domain Controller
cert or Server Auth cert on the DC with the FQDN of the DC in
the Subject field.
Your clients need to be able to resolve
the FQDN and be able to reach the CDP locations you specified when setting
up the CA (defaults are LDAP and HTTP paths to the CA
itself)
Clients also need to have the Root CA
cert in the Trusted Roots store so the cert chains up
correctly.
good luck!
steve
----- Original Message -----
Sent: Monday, February 28, 2005
5:58 AM
Subject: RE: [ActiveDir] Problem
using Certificates to connect to AD machine
Slow down. This isn't the instant email AD support
hotline. You sent the message when most of the people are
offline that tend to respond to things. If you see it goes a couple
of days without a response, then it is probably good to ping the list
asking if anyone has seen it.
In the meanwhile, have you referred to the MS
websites on certs? Read the white papers and related docs? You were
unaware of the cert requirement for an LDAP update at all until I
responded Saturday with a fairly well known KB article that you could
have found through google.
Unless you are doing this from a non-windows
machine, also consider alternative mechanisms for changing passwords
that don't require the cert and ssl connection as well.
joe
any views?
----- Original Message -----
Sent: Monday, February 28, 2005
2:06 PM
Subject: Re: [ActiveDir] Problem
using Certificates to connect to AD machine
Hi,
I tried to generate a certificate using
the w2k CA, but smehow, I am not able to correctly generate one. The
s/w (CP MDS server) is not able to connect to the server using this
certificate.
The name of the PDC is "kaling" in the
domain "meta.test". But this machine is accessible from outside (eg.
from my machine) as "kaling.persistent.co.in".
Any thing I must take care while
generating the certificate?
Regards,
Mayuresh.
----- Original Message -----
Sent: Monday, February 28, 2005
1:51 PM
Subject: [ActiveDir] Problem
using Certificates to connect to AD machine
Hi,
I have installed a CA on my PDC. and
now I want to connect to this PDC from a different machine to change
the "unicodePwd" attribute. I created a certificate and exported it
and installed it on the connecting machine, but dont seem to be able
to connect.
Can you tell me how do I issue, and
which certificate should I issue to be able to connect to the PDC
machine?
Thanks.
Mayuresh Kshirsagar
Persistent Systems Pvt.
Ltd.,
402E, Bhageerath,
Senapati Bapat Road.
Pune -
16.
Phone:
020-25602983
________________________________________________________________________________
Persistent Systems is the Gold Sponsor of SOFTWARE
2005 April 26th-27th, Santa Clara,
CA
________________________________________________________________________________
|
cert.cer