Root and Issuing CA Post Install batch files

Prerequisites for PKI Batch Files

Prerequisite to perform Post Installation Configuration for Root CA

  • When enabling the Active Directory Configuration Partition Distinguished Name, ensure the proper name is set in regards for your environment.
  • When configuring AIA
    • The certutil command will be configuring a static file system location, a lightweight directory access path (LDAP) location, and http location for the AIA. Edit each path in regards for your system.
  • When configuring CDP
    • The certutil command will be configuring a static file system location, an LDAP location, an http location, and a file system location. Edit each path in regards for your system.

Publish Root CA Certificate &CRL

  • Ensure Root CA & CRL is copied onto Subordinate Issuing CA
  • Ensure correct name/path for Root CA Certificate is correct in regards for your system.
  • Ensure correct name/path for Root CA CRL is correct in regards for your system.
  • Ensure when publishing Root CA Certificate and CRL to web server directory. Edit path in regards for your system
  • Ensure correct name/path when adding Root CA Certificate and CRL. Edit path in regards for your system.

Prerequisites to Perform Post Installation Configuration for Subordinate Issuing CA

  • When configuring AIA
    • The certutil command will be configuring a static file system location, a lightweight directory access path (LDAP) location, and http location for the AIA. Edit each path in regards for your system.
  • When configuring CDP
    • The certutil command will be configuring a static file system location, an LDAP location, an http location, and a file system location. Edit each path in regards for your system.
Disclaimer: Please run into your test environment before using it on Production. If you need any help buidling the PKI feel free to reach us at info@encryptionconsulting.com