[Micronet] CalNet Active Directory PKI Service Changes

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[Micronet] CalNet Active Directory PKI Service Changes

Curtis Salinas
On Monday August 2nd, 2010 the CalNetAD Team will begin migrating the internal PKI environment used by the Campus Active Directory to a new Windows Server 2008 PKI environment.  For end users of certificates issued by this PKI hierarchy this change means that a new root certificate will need to be trusted in order to provide a seamless experience.  

During the period of time in which both hierarchies are in place, it may be necessary to trust both the old and the new root Certificate Authority (CA) certificates. CalNetAD member workstations and servers already trust the old environment's root CA, and will automatically trust the new root CA after August 2nd. For instructions on how to manually trust the new environment (for non-member systems), please see the KB article below:
https://kb.berkeley.edu/jivekb/entry.jspa?externalID=2771&categoryID=76

For more information and a timeline of the cutover, please see the following KB article:
https://kb.berkeley.edu/jivekb/entry.jspa?externalID=2769&categoryID=76

In addition to this migration, and in conjunction with the adoption of the InCommon-Comodo CA Pilot program, we are removing the ability to request SSL certificates from the CalNetAD PKI web enrollment servers beginning on Monday, August 16th, 2010.  For more information on the InCommon-Comodo service, which is replacing both CalNetAD PKI SSL certificates and the IST VeriSign SSL offering, please visit the pilot website:
https://wikihub.berkeley.edu/x/mwHNAQ

Please direct any questions to the Windows Team by either emailing us directly at [hidden email] or submitting a request through the CalNetAD Contact Us page:
https://calnetad.berkeley.edu/supportandtools/Lists/Contact%20Us/NewForm.aspx


- Curtis

--
Curtis Salinas
Systems Administrator
Information Services and Technology
University of California, Berkeley



 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.