Security Basics mailing list archives
MS Stand-alone CA on Shared Server?
From: "Megan Kielman" <megan.kielman () gmail com>
Date: Wed, 15 Aug 2007 07:07:20 -0700
I sent an email out a few days ago and haven't heard a response, not sure if it didn't get sent or if nobody responded :) I apologize in advance if this is a duplicate. I have built a MS Stand-alone CA, as our certificate needs are very small, this is the only CA in the hierarchy. I have read from several sources that hosting the CA on a shared server is a bad idea, however, we do not have enough resources to host the CA on its own server, especially when it will have low utilization. Can anyone provide me with assistance in properly hardening this box? Am I making a huge mistake placing it on the same server that hosts our Operations Manager (monitoring) Root server? It is currently sitting on an internal isolated lan. The risks that I understand are that if the server is renamed, the issued certificates are no longer valid. Also, it is important that the CA is protected since if compromised the integrity of our certificates are lost. Thanks!
Current thread:
- MS Stand-alone CA on Shared Server? Megan Kielman (Aug 15)
- RE: MS Stand-alone CA on Shared Server? Ramsdell, Scott (Aug 16)
- RE: MS Stand-alone CA on Shared Server? Ackley, Alex (Aug 16)
- Re: MS Stand-alone CA on Shared Server? Megan Kielman (Aug 16)
- RE: MS Stand-alone CA on Shared Server? Ramsdell, Scott (Aug 16)
- Re: MS Stand-alone CA on Shared Server? Megan Kielman (Aug 17)
- RE: MS Stand-alone CA on Shared Server? Ramsdell, Scott (Aug 16)
- Re: MS Stand-alone CA on Shared Server? gjgowey (Aug 16)