Tuesday, September 7, 2010

Certificate Authority Standalone or Enterprise?

In this post I will be showing you a few quick ways how to determine if a certificate authority is a stand alone certificate authority or an enterprise certificate authority.

Method 1:

Use the certutil command:

certutil -cainfo

Method 2:

Check if there is a Certificate Templates folder in the certificate console. Certificate Templates only appears if the certificate authority is an enterprise CA.

In this screenshot we have a stand alone CA:

Method 3:

The "Cert Publishers" Active Directory group. All members of this group are enterprise certificate authorities.