Implementing GDOI into DMVPN
May29

Implementing GDOI into DMVPN

Posted By on May 29, 2025

GDOI into DMVPN KB ID 0000956  Problem Just recently I covered DMVPN, which is a great scalable system for adding new sites to your network infrastructure and have them join an existing VPN solution without the need to add extra config at the ‘hub’ site. One of the advantages of DMVPN is it maintains VPN connections from your ‘Spoke’ sites back to the ‘Hub’ site, but if a spoke site needs to speak...

Read More
VMware – Replace the ESX Certificate
May07

VMware – Replace the ESX Certificate

Posted By on May 7, 2025

ESX Certificate KB ID 0000974  Problem ESXi comes with a self-signed certificate, and for most people that’s fine, but some clients want to have a ‘Trusted’ certificate on theirs, and have their own PKI infrastructure for issuing them. Below I will generate a new certificate for my ESXi server using the Active Directory Certificate Services role on Windows Server 2012. Then replace the self-signed certificate with my new...

Read More
Windows Server – Enable LDAPS
Jan17

Windows Server – Enable LDAPS

Posted By on Jan 17, 2025

KB ID 0000962  Problem Note: Starting with Windows Server 2019, LDAPS (LDAP over SSL/TLS) is enabled by default, assuming a Server Authentication certificate is installed on the Domain Controller. Active Directory is built on LDAP, I’ve known this for a long time, but other than it’s a directory protocol that’s about all I did know. Like any directory, if you want information when you query the directory it returns a...

Read More
Digital Certificates Explained
Jan04

Digital Certificates Explained

Posted By on Jan 4, 2024

Digital Certificates Explained KB ID 0001846 Problem From setting up PKI environments, to migrating them, and a myriad of errors and problems in between, we have a lot of content on PNL referring to digital certificates and PKI. I’ve dealt with these technologies a lot over the past 20+ years and I’m always surprised how frightened of digital certificates people are. So in the space of a few minutes I’ll try and give...

Read More
Windows Server – Install and Configure NDES
Oct21

Windows Server – Install and Configure NDES

Posted By on Oct 21, 2021

KB ID 0000947  Problem NDES, is the name for what we used to call MSCEP, which was an ‘add-on’ for the Server 2003 family of servers. In Server 2008 it was renamed to NDES. It is a role service that runs on a Certificate Services Server, and is used to create a registration authority (RA) that can issue certificates from your PKI infrastructure to network devices, i.e. Routers, Firewalls and Switches. Solution Installing...

Read More