Why This Chapter Matters

Secure Sockets Layer (SSL) protects the most important transactions on the Internet. Millions of people have relied on SSL to validate servers and keep their personal information private. As a security administrator, it is extremely likely that you will have to deploy and manage SSL certificates on a Microsoft Windows Server 2003 network. Even if you do not need SSL to protect Web communications, you can use the protocol to protect Active Directory directory service domain controller communications, database queries, and e-mail messages. This chapter will give you the knowledge and experience you need to use SSL to provide communications encryption and integrity for Windows Server 2003 network applications.

Before You Begin

If you fulfilled the requirements for the previous chapters, you already have the necessary hardware and software configured. You can use the computers in the state they were in after completing the previous chapters, or you can install the software from scratch. To do the practices, examples, and lab exercises in this chapter, you must have:

• A private network that is connected to the Internet and protected by a firewall. This network should not have any production computers connected to it.

• One computer. Perform a Windows Server 2003 installation with default settings, and assign the computer name Computer1. Add the Domain Controller role to the computer using the default settings, and specify the domain name cohowinery.com. Configure the computer to use itself as its own primary DNS server. Then add the Application Server role with the default settings. Finally, add Certificate Services and configure the computer as an Enterprise CA.

Additionally, this chapter contains examples that use SQL Server 2000, Microsoft Exchange Server 2003, and Microsoft Office Outlook 2003. To fully understand the examples, you should have these applications available.