Exercise one: Installing Certificate Services
Working on the server manager, not one hundred percent sure what is going on. A part from the lab telling me we are installing and configuring the certificate servers bundled with windows server.
Screenshots of the first initial set-up instructed for me to complete.
Screenshots of the second set-up required.
“This is the key that secures the integrity of the whole certificate service. In a production network, it is critical that this key be kept securely.” – note about the Cryptography.
Exercise two: Exploring the certificate server
Examining of the certificate server
Exercise three: Configuring an EFS Recovery Agent
“If a private key is lost, any data encrypted using that key will become completely inaccessible. To avoid this, it is usually necessary to configure EFS recovery agents, who have the ability to restore the data.”
Exercise four: Configuring a Certificate Enrollment Website
“Ordinary computer and user certificates can be issued without requiring user intervention but for some types of certificate you may want users to manually choose to request one. You can configure the CA Web Enrollment site to facilitate this. The web enrollment server must itself be identified by a certificate. However, which we will configure in this exercise.”
Exercise 5: Obtaining a Key Recovery Certificate
While I was working on this exercise, I ran into a problem which was when the lab told me to run the Run Control in the yellow alert box, I had no idea what it was talking about so I wasn’t able to do it, so I closed the web browser and started it back up again and miraculously it skipped like 4 of the steps it said to do. So I was able to complete the exercise.
Exercise six: Configuring Domain EFS Recovery
Exercise seven: Using Encryption
Exercise eight: Performing Data Recovery
When it said to un-check the the encrypt contents in the properties, as Bob, I un-checked it as the administrator, but it didn’t do the contents in the folder, so as Bob I had to un-check the encrypt contents on both of the files inside the folder, so that Sue would have access, I thought it was weird because I thought they would un-check seeing as they are apart of that folder.