Follow

What are the minimum rights required to do a CA import

Applies To:

Venafi Encryption Director 11.0 and above

Summary:

You can import certificates based on the issuing Certificate Authority. After the import is configured, all certificates issued by a specified Certificate Authority will be identified, then placed into policies that you designate.

 

Minimum rights required to do a CA import:

  1. Create an Active Directory service account for Director to use when requesting certificates from Microsoft CA.
  2. Using the Certificate Authority MMC snap-in, right-click on the CA's name and select Properties.
  3. On the Security tab, grant the service account 'Read' and 'Request Certificates'.

Screen_Shot_2014-02-04_at_8.22.05_PM.png

  1. Using the Certificate Templates MMC snap-in, right-click on a template that Director will request certificates from and select Properties.
  2. On the Security tab, grant the service account 'Read'.

Screen_Shot_2014-02-04_at_8.21.16_PM.png

  1. Repeat this step for all templates that Director will enroll or import.

 

Was this article helpful?
1 out of 1 found this helpful

Comments