Chapter 18. Using the central certificate store for certificate management

 

Certificate management—the installing, revoking, and binding of certificates—is truly an ongoing management headache. You saw in chapter 9 that working with certificates on remote servers can be challenging, even with PowerShell to help automate the process. Remember the process of deploying and installing the certificates to each web server and then creating an SSL binding for each website? Add to that the challenge of searching through all those servers to determine when the certificates will expire and need to be replaced. If you want to reduce your management time and make the whole process much simpler, the new IIS 8 feature called the central certificate store (CCS) is for you.

The central certificate store is a simple concept, almost exactly the same as you saw in chapters 16 and 17 on sharing content and configuration: store all the certificates on a clustered network share and then have the website bindings point to those certificates instead of locally installed ones. Need a new certificate? Put it in the network share. Need to check for expiring certificates? Look in the network share. If you’re already using shared content and configurations, you already have everything you need to make this work, as shown in figure 18.1.

Figure 18.1. Using the central certificate store (CCS) for certificate management

18.1. Installing and configuring the central certificate store

 
 
 
 

18.2. Using CCS on remote web servers

 

18.3. Lab

 
 
 

18.4. Ideas to try on your own

 
 
sitemap

Unable to load book!

The book could not be loaded.

(try again in a couple of minutes)

manning.com homepage
test yourself with a liveTest