Certsrv on a remote server

Giganews Newsgroups
Subject: Certsrv on a remote server
Posted by:  Ryan Hanisco (RyanHanis…@discussions.microsoft.com)
Date: Mon, 11 Feb 2008

Everyone,

I have an environment that uses a Stand-alone CA to issue certificates to
remote users from a public web site using web enrollment.  This cert is used
for authentication for another web site.

Right now I have a server farm behind load balancers, but only one of them
is configured as CA with the web-enrollment piece (certsrv).  As you can
imagine, this acts as a single point of failure and means that we can't use
the load balancers for this; we have to always go to the single server.

I would like to put copies of Certsrv on the other web servers so that I
could balance these, but I am concerned with the communication between web
enrollment and the CA and what the configuration steps would be.  I am trying
to avoid the overhead of configuring subordinates on the other web servers
and issuing locally.

Advice?

--
Ryan Hanisco
MCSE, MCTS: SQL 2005, Project+
http://www.techsterity.com
Chicago, IL

Remember: Marking helpful answers helps everyone find the info they need
quickly.

Replies