Jump to content


Popular Content

Showing content with the highest reputation on 07/23/2018 in all areas

  1. 1 point
    Thanks for the link, and the lab is definitely very useful and better than some other ones I've seen. I'll go through it some more. It seems like there's very little info on this specific aspect available on the internet regarding CApolicy.inf. I'm probably overthinking it but don't want to get it wrong. In other examples like Brian Komars book I see he adds more info under [certsrv_server] like "CRLPeriod", "CRLPeriodUnits", etc. and was wondering if there was a reason they were excluded on yours, if they are no longer needed or are set elsewhere, or if it's just due to it being a lab environment and those are the bare minimum settings needed for CAPolicy.inf EDIT: Just so other people who have the same question, I was able to find out that the only thing the CApolicy is needed for is to overwrite the few parameters that otherwise can't be configured via Powershell/GUI. So you're probably going to find a whole array of CApolicy files that are all technically correct, production-quality, they just contain varying levels of detail, and it's actually better to set them using CERTUTIL instead of defining them in the CAPolicy.inf file.
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
  • Create New...