%3CLINGO-SUB%20id%3D%22lingo-sub-1128721%22%20slang%3D%22en-US%22%3EUpdated%20requirements%20for%20a%20Windows%20Server%202008%20R2%20domain%20controller%20certificate%20from%20a%203rd%20party%20CA%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1128721%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSTRONG%3E%20First%20published%20on%20TECHNET%20on%20Sep%2028%2C%202011%20%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3EIngolfur%20has%20written%20a%20blog%20post%20as%20well%20as%20a%20TechNet%20Wiki%20article%20describing%20how%20a%20Windows%20Server%202008%20R2%20certification%20authority%20(CA)%20parses%20certificates%2C%20especially%20those%20from%20a%20third-party%20(3rd%20party)%20non-Microsoft%20CA.%26nbsp%3BHe%20also%20covers%20the%20Key%20Distribution%20Center%20(KDC)%20enhanced%20key%20usage%26nbsp%3B(EKU)%20object%20identifiers%20(OIDs)%20and%20in%20the%20blog%20post%20KDC%20event%20ID%2029.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ETechNet%20Wiki%20article%3A%20%3CA%20title%3D%22Updated%20Domain%20Controller%203rd%20party%20certificates%22%20href%3D%22http%3A%2F%2Fsocial.technet.microsoft.com%2Fwiki%2Fcontents%2Farticles%2Fupdated-requirements-for-a-windows-server-2008-r2-domain-controller-certificate-from-a-3rd-party-ca.aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%20Updated%20requirements%20for%20a%20Windows%20Server%202008%20R2%20domain%20controller%20certificate%20from%20a%203rd%20party%20CA%20%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22http%3A%2F%2Fsocial.technet.microsoft.com%2Fwiki%2Fcontents%2Farticles%2Fupdated-requirements-for-a-windows-server-2008-r2-domain-controller-certificate-from-a-3rd-party-ca.aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%20http%3A%2F%2Fsocial.technet.microsoft.com%2Fwiki%2Fcontents%2Farticles%2Fupdated-requirements-for-a-windows-server-2008-r2-domain-controller-certificate-from-a-3rd-party-ca.aspx%20%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EBlog%20post%3A%20%3CA%20title%3D%22Smart%20Card%20KDC%20Event%20ID%2029%20on%20Domain%20Controller%22%20href%3D%22http%3A%2F%2Fblogs.technet.com%2Fb%2Finstan%2Farchive%2F2011%2F05%2F17%2Fsmartcard-logon-using-certificates-from-a-3rd-party-on-a-domain-controller-and-kdc-event-id-29.aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%20Smartcard%20logon%20using%20certificates%20from%20a%203rd%20party%20on%20a%20Domain%20Controller%20and%20KDC%20Event%20ID%2029%20%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-1128721%22%20slang%3D%22en-US%22%3E%3CP%3EFirst%20published%20on%20TECHNET%20on%20Sep%2028%2C%202011%20Ingolfur%20has%20written%20a%20blog%20post%20as%20well%20as%20a%20TechNet%20Wiki%20article%20describing%20how%20a%20Windows%20Server%202008%20R2%20certification%20authority%20(CA)%20parses%20certificates%2C%20especially%20those%20from%20a%20third-party%20(3rd%20party)%20non-Microsoft%20CA.%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1128721%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EKurtHudson%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft

First published on TECHNET on Sep 28, 2011

Ingolfur has written a blog post as well as a TechNet Wiki article describing how a Windows Server 2008 R2 certification authority (CA) parses certificates, especially those from a third-party (3rd party) non-Microsoft CA. He also covers the Key Distribution Center (KDC) enhanced key usage (EKU) object identifiers (OIDs) and in the blog post KDC event ID 29.

 

TechNet Wiki article: Updated requirements for a Windows Server 2008 R2 domain controller certificate from a 3rd party CA...

 

http://social.technet.microsoft.com/wiki/contents/articles/updated-requirements-for-a-windows-serve...

 

Blog post: Smartcard logon using certificates from a 3rd party on a Domain Controller and KDC Event ID 29