Microsoft KB Archive/242031

= Certificate Server Updated to Use non-Microsoft X.509 Certificate Authorities =

Article ID: 242031

Article Last Modified on 2/23/2004

-

APPLIES TO


 * Microsoft Windows NT Server 4.0, Terminal Server Edition
 * Microsoft Certificate Server 2.0

-



This article was previously published under Q242031



SUMMARY
Microsoft Windows NT 4.0 Service Pack 6 includes the ability for the Microsoft Certificate Server to join a non-Microsoft X.509 Certificate Authority (CA) hierarchy.



Windows NT Server, Certificate Server, or Workstation 4.0
To resolve this problem, obtain the latest service pack for Windows NT 4.0 or the individual software update. For information on obtaining the latest service pack, please go to:


 * http://www.microsoft.com/windows/servicepacks/ -or-


 * 152734how to obtain the latest windows nt 4.0 service pack

For information on obtaining the individual software update, contact Microsoft Product Support Services. For a complete list of Microsoft Product Support Services phone numbers and information on support costs, please go to the following address on the World Wide Web:

http://support.microsoft.com/directory/overview.asp

Windows NT Server 4.0, Terminal Server Edition
To resolve this problem, obtain the latest service pack for Windows NT Server 4.0, Terminal Server Edition. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

152734 How to Obtain the Latest Windows NT 4.0 Service Pack



STATUS
Microsoft has confirmed that this is a problem in Certificate Server, version 2.0.

Microsoft has confirmed that this is a problem in Windows NT 4.0 and Windows NT Server 4.0, Terminal Server Edition. This problem was first corrected in Windows NT Server 4.0 Service Pack 6 and Windows NT Server 4.0, Terminal Server Edition Service Pack 6.



MORE INFORMATION
Changes made to Service Pack 6 include:


 * Certificate server had several work-arounds and special processing when the encoding length was 7f. This caused the installation to fail during installing a CA. This special processing is now disabled by default.
 * The Certificate Revocation List (CRL) is a list of revoked certificates that is digitally signed by the issuer of those certificates. Previously the certificates were not published by default; now the certificates are.
 * Error reporting was improved. New errors are not introduced, but error detection was increased to ensure messages are published when errors are encountered.
 * Certificate Server Setup has added the option for the administrator to control the keysize. This is done via a dropdown list with supported values (for example: 512, 1024, 2048, 4096). The default size is still 512.

Keywords: kbinfo KB242031

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.