Service Account Certficates
supertank
07-09-2005, 11:54 PM
Hello Everyone,
I have issued a certificate to a Service Account's certificate store.
Does anyone know how to turn on certificate authentication for service
accounts? Is it a registry change or local security setting or
something else?
thanks,
Terence
Paul Adare
07-09-2005, 11:54 PM
In article <1118954241.564162.152430@o13g2000cwo.googlegroups.com>, in
the microsoft.public.security news group, supertank
<supertank@gmail.com> says...
>
> I have issued a certificate to a Service Account's certificate store.
> Does anyone know how to turn on certificate authentication for service
> accounts? Is it a registry change or local security setting or
> something else?
>
There is no such thing as a general certificate authentication for
service accounts. Either the service supports certificate authentication
or it does not. How you configure it, if supported, will vary from
application to application.
--
Paul Adare
MVP - Windows - Virtual Machine
http://www.identit.ca/blogs/paul/
"The English language, complete with irony, satire, and sarcasm, has
survived for centuries without smileys. Only the new crop of modern
computer geeks finds it impossible to detect a joke that is not clearly
labeled as such."
Ray Shea
supertank
07-09-2005, 11:54 PM
But it seems there is a certificate store for every available service.
Why are these certificate stores built in the first place?
Terence
Paul Adare
07-09-2005, 11:54 PM
In article <1118955928.657101.96670@g47g2000cwa.googlegroups.com>, in
the microsoft.public.security news group, supertank
<supertank@gmail.com> says...
> But it seems there is a certificate store for every available service.
> Why are these certificate stores built in the first place?
There isn't a certificate store for every available service. When you
focus the Certificates snap-in on a service account (which is what I
assume leads you to believe there is a store for every installed
service) the snap-in simply enumerates the installed services and
presents you with a list. The snap-in has no way of knowing whether or
not a particular service supports the use of certificates so it just
presents you with a list and lets you choose.
--
Paul Adare
MVP - Windows - Virtual Machine
http://www.identit.ca/blogs/paul/
"The English language, complete with irony, satire, and sarcasm, has
survived for centuries without smileys. Only the new crop of modern
computer geeks finds it impossible to detect a joke that is not clearly
labeled as such."
Ray Shea
Service Account Certficates