question

ComputerHabit-1849 avatar image
0 Votes"
ComputerHabit-1849 asked DaisyZhou-MSFT commented

Certificate Enrollment Web Service enrollment for multiple forests.

I've setup Certificate Enrollment Web Service. The document says you can request certs in other forests. The document falls short of HOW to do that. Is there instructions? Seems MS just leaves stuff off all the time.

Right now I'm guessing something like DSPublish the cert chain into the other forest to get things going.

Any help finding the details would be great. Thank you.

AND THESE FREAKING TAGS BULLS*T IS GETTING TO ME>>>> THERE IS NO CA TAG!!!!!!!!!

windows-serverwindows-server-2019
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @ComputerHabit-1849,

Just to confirm, are you referring to Certificate Enrollment Web Service Guidance documentation?

Regards,
Ryan

0 Votes 0 ·

Yes, I'm trying to follow the articles and they are incomplete.

0 Votes 0 ·
ComputerHabit-1849 avatar image
0 Votes"
ComputerHabit-1849 answered

I still can't see certs in other forests. I have no details from Microsoft about this part of their product.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DaisyZhou-MSFT avatar image
0 Votes"
DaisyZhou-MSFT answered

Hello @ComputerHabit-1849,

Thank you for posting here.

Based on my knowledge, for cross forest certificates:

If there is two-way trust relationship between two forests, we can set up Cross-Forest Certificate Enrollment.
For more information we can refer to link below.
AD CS: Deploying Cross-forest Certificate Enrollment
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff955845(v=ws.10)


If there is no two-way trust relationship between two forests, we can set up Cross-Forest Certificate Enrollment.
For more information we can refer to link below.
Test Lab Guide Mini-Module: Cross-Forest Certificate Enrollment using Certificate Enrollment Web Services
https://social.technet.microsoft.com/wiki/contents/articles/14715.test-lab-guide-mini-module-cross-forest-certificate-enrollment-using-certificate-enrollment-web-services.aspx

Hope the information above is helpful.

Should you have any question or concern, please feel free to let us know.


Best Regards,
Daisy Zhou

============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DavidJenkins-7665 avatar image
0 Votes"
DavidJenkins-7665 answered DaisyZhou-MSFT commented
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi,
Thank you for your update.
As always, if there is any question in future, we warmly welcome you to post in this forum again.

Best Regards,
Daisy Zhou

0 Votes 0 ·