Ryan 27.07.2012 07:08 (GMT+2) Add multiple Certificate Enrollment Service instances

Thank you for writing this script, I just got off with Microsoft support who told me this is not possible. I am having issues with the script it is complaining about the win32_operatingsystem call. I am running windows Server 2008 R2. Any ideas? Thank you, Ryan

Vadims Podans
Vadims Podans 05.07.2012 17:37 (GMT+2) Test remote web server SSL certificate

This is a big question. Revocation checking is one of the most (and complicated) subject in PKI. The most likely issue is that URLs in the certificate's CDP extension are not accessible from your client. Open the target certificate, and examine URLs in CRL Distribution Points extension.

Tom Davidson
Tom Davidson 05.07.2012 03:03 (GMT+2) Test remote web server SSL certificate

I have my own personal CA whose cert I have installed into the Trusted Root CAs. This way I can simulate the signing process and test configurations without the need for expensive commercial CA signed certs all the time. However, when I run your function against a server configured in this way, I get the following: CertificateIsValid : False ErrorInformation : {RevocationStatusUnknown} Not knowing much about SSL certs & revocation, is there any way I can configure things up so your function will generate a CertificateIsValid status of True for my test environments?

Sergey Korotkov
Sergey Korotkov 08.06.2012 05:37 (GMT+2) Windows Server 2012 RC, Active Directory Certificate Services features

good news Vadims, thanks

Vadims Podans
Vadims Podans 28.04.2012 05:04 (GMT+2) Share management in PowerShell

Additionally you need to unblock downloaded files (right-click on each and click Unblock in file properties).