Certificate Auto-enrollment Quick Start Guide

If you are an administrator of Centrify-managed UNIX or Linux computers, you can use this guide to help you set up a Certificate Authority with the Microsoft Windows certificate auto-enrollment feature to automatically manage certificates for UNIX and Linux computers in your domain. While there are many ways to deploy certificates, this guide describes how to use Active Directory server roles and Windows Group Policy to set up automatic enrollment.

The following topics are covered:

Working with a single Certificate Authority for UNIX computers

Preparing a computer to be a Certificate Authority (CA)

Adding a trusted root certificate to the group policy

Enabling auto-enrollment

Creating a certificate template

Assigning the certificate template to the CA

Retrieving certificate revocation lists (CRLs)