I am assigned to build a secure FTP server on a Windows platform. I am looking to build Self-signed SSL certificates on the cheap, without requiring a Certficate Authority. Is there a 'how to guide' for the above?
I am greateful for any information you can provide.
This secure FTP server will be on the "DMZ" with a public IP. The object is to provide secure communications between clients accessing the FTP server and the FTP server. Clients accesing the FTP files are company employees and outside vendors. Should this FTP server sitting outside of the company LAN have an Active Directory of its own? If not The following needs to be selected. Could you provide advise.
Windows Component Wizard, provides two options
1. Stand-alone CA
2. Stand-alone subordinate CA
"To install an enterprise CA, Active Directory is required: you must also be a member of the Enterprise Admins group.
check box? "Use custom setting to generate the key pair and CA certificate"
The following link
gives the pros and cons on taking the stand-alone or enterprise route. There will be advantages of going down the enterprise CA route as it means that the CA will be added to the list of trusted CAs for all domain users. However, as you will be having outside vendors this will not apply to them unless you may them domain users as well.