10. Install and Configure the OCSP Responder Role service
HTML-код
- Опубликовано: 11 сен 2024
- Video Series on Managing Active Directory Certificate Services:
Part-5: In the fifth part of this six part video series on how to deploy a Two-Tier Public Key Infrastructure, we will see the steps on how to install and configure an Online Responder Server role on Windows Server 2019 web server. To finalize the configuration of an online responder, you must configure and install an OCSP Response Signing certificate and configure an Authority Information Access extension to support it. After this is done, you must assign the template to a CA and then enroll the system to obtain the certificate.
Click Here to see the Next part:
• 11. Verify PKI health...
Full Playlist:
yt.vu/p/PLUZTRm...
Follow my blogs:
msftwebcast.bl...
![[DOKKAN BATTLE] Worldwide Campaign Announcement Video Part 2!](http://i.ytimg.com/vi/JpT5Voak6WA/mqdefault.jpg)
Thanks a lot for these vedeos, very helpfull
Excellent Sir !!!
Great tutorial, I was having issues until you shared the steps to revoke CA Exchange and issue new one. Next, trying to figure out why custom template is not getting displayed in dropdown.
Lot of learning bro ❤️
in the revocation provider properties no http base crl appears, only a ldap base crl is there. How would i manually add a http base crl or what am I doing wrong that it isn't automatically there?
Thanks my friend!
Thank you too!
Hello, thanks a lot for these videos. I have one question regarding the 2-tier pki. If I have two subordinate CAs, is it possible to have just one OCSP transponder? I mean, if both my subordinate CAs would have the AIA configured to the same URL/host, which would "host" the configuration for both?
Hello,
Please create video on renewing Subordinate and OCSP renewal process. Its not there anywhere in RUclips or Internet.
I can't find OCSP response signing in Enable Certificate Templates, what can be the problem?
My CDP and AIA location is not working either with server fqdn or web name fqdn, Can you help?
you are the best!
Thank You..
Are we saying even the OCSP server also have certificate Authority and Certificate Authority Web enrollment installed. I thought we need to install certificate Authority and Certificate Authority Web enrollment only in the CA server. Please clarify
If I don't have server. Can i create certificate add ocsp ?
thanks
what is the CA exchange template for ?
CA Exchange certificate is used by key archival process.
@@MSFTWebCast so the step for CA Exchange certificate template is necessary ?
@@jeffer8762 yes.
@@MSFTWebCast The Issuing server don't have CA exchange Template, so how does it give it out?
I can see only 2 templates on this server: User & OCSP Responder.
Do you need to add computer, domain controller, web server, etc ... what is the minimum template to fully make ADCS work properly ?
Wow, the accent makes it really hard to understand.
My bad, apologies but thats how I sound.
It doesn't and this comment is unnecessarily rude.
@@samuel-ff2sl Agreed. This was incredibly helpful and not hard understand at all.