locked
SSL Cerficate for configure the AD RMS Licensing-only Cluster RRS feed

  • Question

  • Hi all,

    I'm following this guide to set-up AD RMS Licensing-only cluster
    http://technet.microsoft.com/en-us/library/cc771183(v=ws.10).aspx

    But, at step 21: "Click the Choose an existing certificate for SSL encryption option, click the certificate that has been imported for this AD RMS cluster, and then click Next.". Is certificate is AD RMS root cluster certificate? Where does this certificate locate in AD RMS root cluster?

    Thank you.

    Wednesday, August 14, 2013 10:31 AM

All replies

  • Hi,

    this is a SSL certificate what needs to be installed on the default website, like for any other SSL-protected web site.

    http://technet.microsoft.com/en-us/library/cc732906(v=WS.10).aspx

    It can be from an internal or a public CA depending where your users resides.

    So it is not the RMS cluster certificate.

    Regards,

    Lutz

    Thursday, August 15, 2013 12:39 AM
  • Hi Lutz,

    I installed the AD RMS License-only Cluster with its seft-sign cert.

    I configured client like guide http://technet.microsoft.com/en-us/library/cc771183(v=ws.10).aspx
    B
    ut, when user protect a file, the client send request 2 server Root Cluster and License-only Cluster. In DRM folder, I saw 2 pair cert (GIC and CLC), one pair from Root Cluster, one pair from License-only Cluster. Client should request Root Cluster when protecting and request License-only Cluster (License-only Cluster is configured in registry) when consuming

    How to solve this issue?

    Thanks



    • Edited by Vu Le Anh Friday, August 16, 2013 8:11 AM
    Friday, August 16, 2013 8:07 AM
  • I think that is correct, because when you enable the RMS protection you request a use license at the same time.
    Saturday, August 17, 2013 4:41 AM
  • I think that is correct, because when you enable the RMS protection you request a use license at the same time.

    Hi Lutz, I dont think so. I assume youre right, but as I told why client request to get CLC+GIC from Root Cluster and CLC+GIC from License-only. That is incorrect behavior. Maybe I miss something. I think when I configured registry for client, client get this registry to send request to Root Cluster Sever for certication and License-only Server for License

    If you still not clear my issue totally, please let me know

    Thanks

    Monday, August 19, 2013 3:48 AM