Comments
 

There are two ways to see which Certificate Authority servers exist in your AD domain.

1. Check the Cert Publishers group

The AD group Cert Publishers contain the servers that are permitted to publish certificates to AD. As a consequence, this gruop will contain all servers that are CAs.

2. Use certutil

You can use the certutil command to view (and select from) a list of CAs in the current AD domain:

certutil -config - -ping

Note: type the command as-is, including all spaces and hyphens.

A window will appear, listing the CA name and the server it runs on.

Add a new comment
 
Your name:
Your e-mail:
Your comment:
 
Basic BBcode is supported.
Captcha:
Type the letters and numbers as shown.
/get/captcha/1749345013
Not readable? Get another.
 
 
 
 
« June 2025»
SunMonTueWedThuFriSat
1234567
891011121314
15161718192021
22232425262728
2930     
 
Links
 
Quote
« Have you tried turning it off and on again? »
The IT Crowd