Do I need to copy RootCA in machine 2 & 3's trusted root
I have 3 machines in domain and where I choose Machine1 to host asp.net web api application.
I have create my own CA RootCA and put in Machine1's trusted root.
then I issued one more certificate X with Machine1 fully qualified domain name from RootCA.
I put certificate X in Machine1's Personal root.
I bind my asp.net web api app with certificate X.
If I browse to my asp.net web api, it's running fine and NO certificate error.
Now when I am trying to browse my asp.net web api from Machine2 & Machine3, I am getting certificate error.
- If I copied RootCA certificate to both Machine2 & Machine3's trusted store, then NO certificate error.
My questions,
It this required to copy RootCA certificate to both Machine2 & Machine3's trusted store?
Can I eliminate this steps? perhaps I don't want to install any certificate in Machine2 & Machine3. Is this possible?
Thanks!
It this required to copy RootCA certificate to both Machine2 & Machine3's trusted store?
Yes, otherwise the machines won't be able to assert whether to trust the certificate(s) issued by it.
can I eliminate this steps?
No, but since they're domain members you can automate distribution of the root certificate via Group Policy by configuring the following setting in a GPO that targets machine 2 and 3:
Path: Computer Configuration\Policies\Windows Settings\Security Settings\Public Key Policies
Setting: Trusted Root Certification Authorities
- How memory address for pointer to arrays is same as an element in 2D array?
- Which is the best way to suppress "unused variable" warning
- How to use ellipsis in c's case statement?
- Fast & accurate atan/arctan approximation algorithm
- How can I exclude non-numeric keys? CS50 Caesar Pset2
- Fast ceiling of an integer division in C / C++
- Is there an invalid pthread_t id?
- How does SIMD (avx) processing work? for example, if I want 10 32 bit floats how do i fit in a 256 bit avx vector?
- FDCAN problems on STM32G4
- How does the call macro enable mutual recursion between functions f and g in this Hanoi Tower implementation?
- Running test on Rocket core CPU - global variable initialized to 0 is unsuccessful, output wrong value instead
- Interacting with C arrays without knowing the size
- Combination of two strings
- Avoiding strcpy overflow destination warning
- carriage return by fgets
- How to use special characters in C?
- Why does 1.0/100.0 == 0.1/10.0 give True?
- Is it correct to compare pointers in C?
- Force free() to return malloc memory back to OS
- How can I print to standard error in C with 'printf'?
- What is the standard behavior of fread in C on Windows?
- How is strtok removing lines it shouldn't have access to?
- Using array as smart point in C
- Assigning string to malloced 2d char array not working as intended
- How to refactor repetition inside a Makefile?
- Why does an empty preprocessor command still evaluate to something?
- How to implement variable sized array within C struct
- Character array typecasting to integer
- Handling HTTP Headers in a Minimal C HTTP Server
- How to get the sign, mantissa and exponent of a floating point number