Archived from groups: microsoft.public.win2000.security (More info?)
Hi,
we are using an enterprise CA on Windows 2003 Server and we want to use the
mscep.dll with our Cisco Pix firewall and our Cisco routers. As we would like
to have a higher lifetime for the certificates, we created two new templates
and the two Registry keys SignatureTemplate/EncryptionTemplate as described
in the Technet MSCEP Example "Use Seperate Certificate Templates for
Signature and Encryption". But MSCEP still uses the "IPSec (Offline request)"
template. After we remove the "IPSec (Offline request)" template from the
list of certificates to be issued by the CA, we get the error "You do not
have sufficient permissions to enroll with SCEP" when trying to get an
challenge password with the browser.
To me it seems that MSCEP ignores the two registry keys.
Do you have any suggestions how to fix this?
Regards and thanks
Henning Blanke
Hi,
we are using an enterprise CA on Windows 2003 Server and we want to use the
mscep.dll with our Cisco Pix firewall and our Cisco routers. As we would like
to have a higher lifetime for the certificates, we created two new templates
and the two Registry keys SignatureTemplate/EncryptionTemplate as described
in the Technet MSCEP Example "Use Seperate Certificate Templates for
Signature and Encryption". But MSCEP still uses the "IPSec (Offline request)"
template. After we remove the "IPSec (Offline request)" template from the
list of certificates to be issued by the CA, we get the error "You do not
have sufficient permissions to enroll with SCEP" when trying to get an
challenge password with the browser.
To me it seems that MSCEP ignores the two registry keys.
Do you have any suggestions how to fix this?
Regards and thanks
Henning Blanke
Facebook
Twitter
Instagram