Featured Article Windows Server Add roles to a Certificate Authority server
A Windows 2000 Server running Certificate Services can function as a Certification Authority (CA) for a network, creating certificates for users and computers for a variety of uses. For example, users might retrieve a certificate from a CA to digitally sign their e-mail messages, which enables the user to authenticate his e-mail to recipients as well as share encrypted messages.
When you install a Windows 2000 CA, the installation configures the CA to issue certificates for a specific set of uses. However, you can easily add additional certificate types to issue. For example, you might want the CA to issue code-signing certificates that Office users can install to sign macros and prevent those macros from triggering security warnings.
To add a new certificate type, open the Certification Authority console and expand the CA. Right-click the Policy Settings branch and choose New, Certificate to Issue. In the Select Certificate Template dialog box, select one or more templates and click OK. The templates will then appear in the right pane of the CA console when you click the Policy Settings branch. These certificate types will also be available when the users request a certificate from the CA. |