O'Reilly logo

Windows Server® 2008 PKI and Certificate Security by Brian Komar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Case Study: Deploying a PKI

You are the network administrator for Fabrikam, Inc. Based on the design requirements, you have decided to deploy the CA hierarchy shown previously in Figure 6-1.

To assist you in configuring the CAPolicy.inf files, pre-installation batch files, and post-installation batch files, the following design requirements are provided:

  • Root CA

    • The root CA must use a key length of 2,048 bits for its public and private key pair.

    • The root CA certificate must have a 20-year lifetime.

    • The root CA will publish its base CRL twice a year.

    • The root CA will not implement a delta CRL.

    • The root CA certificate will not include an AIA or CDP extension.

    • The root CA will issue subordinate CA certificates with a 10-year lifetime.

    • The root CA certificate ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required