The screenshot shows all trusted root CA certificates in a default Windows 2003 Server plus two additional certificate which have been added so far (CS Germany CA and Applix).
这个屏幕图显示在默认的Windows 2003Server中所有可信的根CA证书,还有目前已经添加的两个证书(CS Germany CA和 Applix)。
Because this root ca certificate is located in your Trusted root Certification Authorities store, this computer will now trust any certificates issued by your AD CS server.
因为此根ca证书的位置在受信任的根证书颁发机构存储中,此计算机现在将信任由ADCS服务器颁发的所有证书。
Import the ca root certificate, if it does not already exist in the trust store of the client or the server.
如果客户端或服务器的信任存储区中尚没有ca根证书,则导入该证书。
When the ca USES a self-signed certificate, called a Root ca, the ca usually publishes its self-signed certificate details publicly so that users can establish the authenticity of the ca.
当CA使用自签名证书时(称为根ca),该ca通常公开发布其自签名证书详细信息,因此用户可以确定该CA的真实性。
If the trusted root ca has a CRL provided check that the certificate is not listed there as being revoked.
如果可信根ca提供CRL,要确认撤消的证书列表中不包含这个证书。
If for some reason they are not placed in there trust cannot be established although Windows may show the certificate as a trusted root ca.
如果由于某种原因它们没有放在那里,即使Windows把证书显示为可信根ca,也无法建立信任。
Again this requires Windows to trust the certificate which implies to have the correct trusted root ca imported.
这要求Windows信任此证书,意味着必须导入正确的可信根ca。
For the certificate label, enter something meaningful, such as VeriSign Test ca Root.
对于证书标签,请输入有意义的文字,例如:verisignTestCA Root。
Expand Certificates, Trusted Root certificate Authority and repeat Step 4 above to import the certificate into the trust ca store as well.
展开Certificates,TrustedRoot CertificateAuthority,并重复上面的步骤4,将证书导入到信任ca存储。
What happens if the root certificate ca is compromised?
如果危及根证书CA怎么办?
Figure 1 The root ca root certificate in certificate Manager.
图1的根ca根证书,在证书管理器中。
The commands you use vary slightly depending on whether the certificate authority (ca) that issued your certificate is part of a client's trusted root.
您可以使用的命令会略有不同,这取决于发行证书的证书颁发机构(ca)是否是客户端受信任的根的一部分。
If your certificate was issued by one of these trusted roots, or by a ca that chains to one of these trusted roots, you can add the certificate to the client's trusted root store.
如果证书由这些受信任的根之一或由链接到这些受信任的根之一的CA发行,则可以向客户端受信任的根存储区中添加证书。
If your certificate was issued by one of these trusted roots, or by a ca that chains to one of these trusted roots, you can add the certificate to the client's trusted root store.
如果证书由这些受信任的根之一或由链接到这些受信任的根之一的CA发行,则可以向客户端受信任的根存储区中添加证书。
应用推荐