Chapter 5. Designing a Certification Authority Hierarchy

Before deploying Windows Server 2008 Active Directory Certificate Services, an organization must spend time designing the certification authority (CA) hierarchy. Developing the correct structure involves investigating and processing related requirements for applications, security, business, technical, and external forces. Hierarchy elements covered in this chapter include:

The number of tiers to use in a CA hierarchy
How the CAs will be arranged into a CA hierarchy
The types of certificates each CA will issue
The types of CAs to be deployed at each tier
Specifying where the CA computer accounts will exist in Active Directory Domain Services (AD DS)
Security measures to protect the CAs
Whether different ...

Get Windows Server® 2008 PKI and Certificate Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Windows Server® 2008 PKI and Certificate Security by Brian Komar

Chapter 5. Designing a Certification Authority Hierarchy

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly