Cisco Cisco Expressway
Appendix 5: Configuring Windows Server Manager with a "client and
server" certificate template
server" certificate template
Note:
The Microsoft Certification Authority must be able to generate a certificate that can be used for mutual
authentication of the Expressway as client or server.
Windows Server 2008 Standard R2 has certificate templates for this purpose, but earlier versions of Windows Server
Standard Edition are not suitable.
Standard Edition are not suitable.
The default "Web Server" certificate template used by the Microsoft Certification Authority application will only create a
certificate for Server Authentication. The server certificate for the Expressway also needs Client Authentication if you
want to configure a neighbor or traversal zone with mutual authentication (where TLS verify mode is enabled).
certificate for Server Authentication. The server certificate for the Expressway also needs Client Authentication if you
want to configure a neighbor or traversal zone with mutual authentication (where TLS verify mode is enabled).
To set up a certificate template with Server and Client Authentication:
1.
In Windows, launch Server Manager (Start > Administrative Tools > Server Manager).
(Server Manager is a feature included with server editions of Windows.)
2.
Expand the Server Manager navigation tree to Roles > Active Directory Certificate Services > Certificate
Templates (<domain>).
Templates (<domain>).
3.
Right-click on Web Server and select Duplicate Template.
4.
Select Windows Server 2003 Enterprise and click OK.
Cisco Systems, Inc.
29