Questions

Shared Cert Store - AD-based IPSec policy

Tags:
+
0 Votes
Locked

Shared Cert Store - AD-based IPSec policy

mwiden
I'm on week five in learning Windows 2003 PKI and I now have a problem. I'm not alone but no one has yet solved the problem (except our teacher). I'm trying to setup a IPSec policy based on certificates and not Kerberos authentication. But when I choose "Use a certificate from this certification authority (CA)" I get the message:

************************************************** ****

Warning!
The Active Directory does not contain a shared
certificate store.

When configuring Active Directory based IPSec policy to
use certificate authentication the administrator must
ensure that each domain member has an appropriate
certificate installed.

Do you want to select a certificate authority from the
local machine certificate store?

************************************************** ******

Any ideas? I vaguely recall our teacher using ADSIEDIT.MSC to import something...
The CA works correctly and issues both SSL and EFS certs without problems via autoenroll or webenrollment.

Here are som more links on the subject:
http://www.pcreview.co.uk/forums/thread-1451041.php

Thanks.