Moving Certificate Services To Another Server
KB ID 0001473 Problem If you are retiring a CA Server, or there’s a problem with the server and you want to move Microsoft Certificate Services to another server, the procedure is pretty straight forward. BE AWARE: We are moving the CA Server Name , NOT the Server Name (FQDN), the two things are NOT the same, (you might have called them the same thing!) But a Certificate Authority has a name of its own, and that’s what we...
Windows Certificate Services ‘certsrv’ Website displays 403.14
KB ID 0001342 Problem I seem to get all the PKI/Certificate services problems! Yesterday I was trying to use the web enrolment portal on a certificate services server, and could not get in locally, (or remotely) via http, (or https) it simply showed me a 403.14 error. HTTP Error 403.14 Forbidden Solution This was an odd one, in IIS Manager select the ‘Certsrv’ virtual directory > Advanced Options > And look at the...
vSphere 6.5 vCenter Appliance – Replacing Certificates
KB ID 0001194 Problem In vSphere 5 and earlier versions this was not a ‘fun’ job at all, many times I sat down to do it, and lost the will to live. Now there’s a nice new tool built into vCenter that does ‘most’ of the hard work for you. Here I’m using the vCenter appliance but the tool is also available on the Windows version. For my certificates I’m using Microsoft Certificate Services....
VMware ESXi6 – Replacing the Default Certificates
KB ID 0001195 Problem This is pretty much part two of the last article I wrote, so make sure you have the vCenter CA setup as a Sub CA of your Microsoft Certificate Services Deployment. See the following article; vSphere 6 vCenter Appliance – Replacing Certificates Now we take the next step, and replace the certificates on the ESXi hosts. Solution Note: Joining the ESXi Hosts to the domain is not essential, it just makes things a...
Microsoft PKI Planning and Deploying Certificate Services
KB ID 0001309 Problem “I don’t know what it is about Certificates, I just don’t like them, I don’t understand them, and I don’t like working with them” I hear this a lot, In fact I heard it this week, and as I’m usually the ‘go-to-guy’ for certificates and PKI, it winds me up! IT pros take the time to learn concepts like DNS, DHCP, Kerberos etc. But mention Certificate Services and...