Before starting to configure the certification authority to work with the Indeed Certificate Manager system, pay attention to encryption key size in the properties of the certificate templates that you plan to use.

To mitigate the risk of unauthorized access to confidential information, the Microsoft company issued a non-security update (KB2661254) for all supported Microsoft Windows versions. This update blocks cryptographic keys, whose length is less than 1024 bits. The update is not available for Windows 8 and later or Windows Server 2012 and later, since these systems already can block weak RSA keys of less than 1024 bits in size. For more details about this update, please refer to Microsoft support service website: http://support.microsoft.com/kb/2661254

  1. Open the Certification Authority tool and double-click the name of certification authority.
  2. Right-click the Certificate Templates container, select the New and then Certificate Template to Issue item.
  3. Select the Enrollment Agent certificate template (mandatory), as well as all the other certificate templates (for example, Copy of Smartсard Logon) to be used by the Indeed CM system.
  4. Click OK to save.