Root and Issuing CA Post Install batch files

Prerequisites for PKI Batch Files

Prerequisite to perform Post Installation Configuration for Root CA

  1. When enabling the Active Directory Configuration Partition Distinguished Name, ensure the proper name is set in regards for your environment.
  2. When configuring AIA
    1. The certutil command will be configuring a static file system location, a lightweight directory access path (LDAP) location, and http location for the AIA. Edit each path in regards for your system.
  3. When configuring CDP
    1. The certutil command will be configuring a static file system location, an LDAP location, an http location, and a file system location. Edit each path in regards for your system.

Publish Root CA Certificate &CRL

1.      Ensure Root CA & CRL is copied onto Subordinate Issuing CA

2.      Ensure correct name/path for Root CA Certificate is correct in regards for your system.

3.      Ensure correct name/path for Root CA CRL is correct in regards for your system.

4.      Ensure when publishing Root CA Certificate and CRL to web server directory. Edit path in regards for your system

5.      Ensure correct name/path when adding Root CA Certificate and CRL. Edit path in regards for your system.

Prerequisites to Perform Post Installation Configuration for Subordinate Issuing CA

  1. When configuring AIA
    1. The certutil command will be configuring a static file system location, a lightweight directory access path (LDAP) location, and http location for the AIA. Edit each path in regards for your system.
  2. When configuring CDP
    1. The certutil command will be configuring a static file system location, an LDAP location, an http location, and a file system location. Edit each path in regards for your system.

Disclaimer: Please run into your test environment before using it on Production. If you need any help buidling the PKI feel free to reach us at info@encryptionconsulting.com

Download