New Flags introduced on Windows server 2008 R2 CA

Flag Attributes

CT_FLAG_DONOTPRERSISTINDB

CT_FLAG_NO REVOCATION INFO IN ISSUED CERTS  : The CA should not include revocation information in the AIA and CDP extension in the issued certificates

CT_FLAG_INCLUDE_BASIC_CONSTRAINTS_FOR_EE_CERTS
if the template has this flag set , the client SHOULD add a basic constrains extension to the certificate request and ser the CA field to FALSE.

-Reyqest on behalf of ( ROBO)  : CR_IN_ROBO : Indiciate that the called might be different than the one indicated in the request’s subject and SAM fields.

certutil –setreg DBFlags +DBFLAGS_ENABLEVOLATILEREQUESTS

Enable Non persistent processing

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s