On Tue, Oct 29, 2013 at 2:26 PM, Ken Cornetet <[email protected]> wrote: > You are making this WAY too hard. Install certificate servicer on one of > your windows servers. Make it a root CA for the domain. Use IIS management > console and/or the “certificates” MMC to request and install certificates. > Done.
That may not always be the right solution. For example, if one is deliberately keeping the CA stand-alone non-networked to reduce security exposure. Or other systems exist which don't fit into Microsoft's CA plumbing, and which have already been plumbed to another system. (Although there's no technical reason one can't run multiple CAs, company structure might prohibit it.) -- Ben
