Windows Server TechCenter >
Windows Server Forums
>
Security
>
How to Build Extended Validation Certificates in Active Dir CA
How to Build Extended Validation Certificates in Active Dir CA
- Hi, there
First of all, as always, let me thank you for your answers, this time it's more one to go.
I want to Know how to create a Certificate to my webserver, using CA, but i want to use EV(extended Validation). I'm tired to try, by following the steps in windows certificates help. Looks like theres something im missing.
So, i want to see that shining Green bar on windows internet explorer telling is safe to use the intranet page.
So it's my first time, building this complex things to inside.
So can anyone help, telling me step by step, to take my goal??
Note:I''ve removed the role Active Directory Certification by the tenth time... so this could be someone's doubt.... please help if you can
Thanks a lot
Marco Enxuto, Lisbon, Amadora, Portugal
Answers
- Hi,
if you want a green bar in IE, follow this article http://blogs.technet.com/askds/archive/2009/08/14/extended-validation-support-for-websites-using-internal-certificates.aspx. Of course it will be only for internal users.
Best regards
Martin Rublik- Proposed As Answer byVadims PodansMVPMonday, October 26, 2009 7:36 AM
- Marked As Answer byMervyn ZhangMSFT, ModeratorMonday, November 02, 2009 2:34 AM
- It is needed if you are trying to educate users to only provide privacy information if the IE bar is green.
If you do not do this, you have to create an exception saying that internal sites do not need the green bar.
This enhancement to 2008 R2 server allows you to be consistent with your messaging to the user base
Brian- Proposed As Answer byOndrej SevecekMVPSunday, November 01, 2009 8:09 AM
- Marked As Answer byMervyn ZhangMSFT, ModeratorMonday, November 02, 2009 2:34 AM
All Replies
- Hi,
if you want a green bar in IE, follow this article http://blogs.technet.com/askds/archive/2009/08/14/extended-validation-support-for-websites-using-internal-certificates.aspx. Of course it will be only for internal users.
Best regards
Martin Rublik- Proposed As Answer byVadims PodansMVPMonday, October 26, 2009 7:36 AM
- Marked As Answer byMervyn ZhangMSFT, ModeratorMonday, November 02, 2009 2:34 AM
- Bear in mind that the CA must be running Windows Server 2008 R2
Brian ... exactly as Martin said - it will be only for internal users. what benefit do you have from such an added overhead?
o.- It is needed if you are trying to educate users to only provide privacy information if the IE bar is green.
If you do not do this, you have to create an exception saying that internal sites do not need the green bar.
This enhancement to 2008 R2 server allows you to be consistent with your messaging to the user base
Brian- Proposed As Answer byOndrej SevecekMVPSunday, November 01, 2009 8:09 AM
- Marked As Answer byMervyn ZhangMSFT, ModeratorMonday, November 02, 2009 2:34 AM
- good point.
Bear in mind that the CA must be running Windows Server 2008 R2
Brian
are you sure that Windows Server 2008 R2 CA is required? I haven't tested this, but it seems like that the general requirement is Windows Server 2008 R2 policy editor (or Windows 7 with RSAT), because previous OS's doesn't have tab Extended Validation.
http://www.sysadmins.lv- Issuance of EV certificates is only supported with R2. This was not supported in 2k8 and any resolution is a hack that is not supported <G>
Brian - ok, thanks!
http://www.sysadmins.lv
