Review the detailed steps covered in the demonstration.
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (37.8 KB, 2 trang )
Designing a Public Key Infrastructure
Copyright 2002 Microsoft Corporation. All Rights Reserved.
Detailed Steps
Review the detailed steps covered in the demonstration.
Tasks Detailed Steps
Important: Perform the following procedures at the computer acting as the enterprise subordinate
CA.
1.
Log on to the network
as Administrator of
your domain with a
password of
password.
a.
Log on by using the following credentials:
User name: Administrator
Password: password
Log on to: NWTRADERS
2.
In the Certification
Authority console,
revoke the following
certificates with the
Change of Affiliation
reason code:
• Domain\Certcomp
uter (where
domain is the
NetBIOS name of
your domain and
computer is the
NetBIOS name of
your computer)
•
Domain\Certpartn
er (where domain
is the NetBIOS
name of your
domain and
partner is the
NetBIOS name of
your partner’s
computer)
b.
On the Start menu, click Programs, point to Administrative Tools,
and then click Certification Authority.
c.
In the console tree, expand computer (where computer is the NetBIOS
name of your computer), and then click Issued Certificates.
d.
In the details pane, right-click the certificate with Requester Name of
domain\Certcomputer (where domain is the NetBIOS name of your
domain and computer is the NetBIOS name of your computer), click
All Tasks, and then click Revoke Certificate.
e.
In the Certificate dialog box, in the Reason code box, select Change
of Affiliation, and then click Yes.
f.
In the details pane, right-click the certificate with Requester Name of
domain\Certpartner (where domain is the NetBIOS name of your
domain and partner is the NetBIOS name of your partner’s computer),
click All Tasks, and then click Revoke Certificate.
g.
In the Certificate dialog box, in the Reason code box, select Change
of Affiliation, and then click Yes.
Designing a Public Key Infrastructure
Copyright 2002 Microsoft Corporation. All Rights Reserved.
Tasks Detailed Steps
3.
Verify the revoked
certificates and
publish the CRL.
h.
In the console tree, click Revoked Certificates.
Is the task of revoking the certificates complete?
No. The CRL must be published to ensure that all certificate-aware applications will see the
change in the status of the certificates.
3. (continued)
i.
In the console tree, right-click Revoked Certificates, and then click
Publish.
j.
In the Certificate Revocation List dialog box, click Yes to publish the
new CRL.
k.
Close all open windows and log off the network.
