Click Next to continue.
251
9
Creating a Public Key Infrastructure (PKI) for L2TP with IPSec Support
FIGURE 9.21 Installing IIS on a domain member to provide for certificate web enrollment.
9. On the CA Identifying Information page, enter the common name for the CA. This
can be any descriptive name. Click Next.
10. On the Certificate Database Settings page, accept the defaults and click Next. For
redundancy and scalability, it is recommended to separate the log file from the database.
11. Read the IIS warning dialog box, and then click the Yes button.
12. Read the ASP warning dialog box when it is displayed, and then click the Yes button.
13. Click Finish after the CA has completed the installation.
Configuring the Enterprise Root CA
If using an enterprise certificate authority, and supporting non-domain members, such as an
ISA server that is a member of a workgroup, then a template to allow machine certificates
should be added and configured to allow provisioning through the web enrollment page.
This is common when supporting a mix of domain members and non-domain members.
The following steps can be used to configure the existing enterprise certificate authority
with a new computer certificate template.
Pages:
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444