Designing a Public Key Infrastructure Copyright  2002 Microsoft Corporation. All Rights Reserved. Detailed Steps Review the detailed steps covered in the demonstration. Tasks Detailed Steps Important: Perform the following procedures at the computer acting as the enterprise subordinate CA. 1. Log on to the network as Administrator of your domain with a password of password. a. Log on by using the following credentials: User name: Administrator Password: password Log on to: NWTRADERS 2. In the Certification Authority console, revoke the following certificates with the Change of Affiliation reason code: • Domain\Certcomp uter (where domain is the NetBIOS name of your domain and computer is the NetBIOS name of your computer) • Domain\Certpartn er (where domain is the NetBIOS name of your domain and partner is the NetBIOS name of your partner’s computer) b. On the Start menu, click Programs, point to Administrative Tools, and then click Certification Authority. c. In the console tree, expand computer (where computer is the NetBIOS name of your computer), and then click Issued Certificates. d. In the details pane, right-click the certificate with Requester Name of domain\Certcomputer (where domain is the NetBIOS name of your domain and computer is the NetBIOS name of your computer), click All Tasks, and then click Revoke Certificate. e. In the Certificate dialog box, in the Reason code box, select Change of Affiliation, and then click Yes. f. In the details pane, right-click the certificate with Requester Name of domain\Certpartner (where domain is the NetBIOS name of your domain and partner is the NetBIOS name of your partner’s computer), click All Tasks, and then click Revoke Certificate. g. In the Certificate dialog box, in the Reason code box, select Change of Affiliation, and then click Yes. Designing a Public Key Infrastructure Copyright  2002 Microsoft Corporation. All Rights Reserved. Tasks Detailed Steps 3. Verify the revoked certificates and publish the CRL. h. In the console tree, click Revoked Certificates. Is the task of revoking the certificates complete? No. The CRL must be published to ensure that all certificate-aware applications will see the change in the status of the certificates. 3. (continued) i. In the console tree, right-click Revoked Certificates, and then click Publish. j. In the Certificate Revocation List dialog box, click Yes to publish the new CRL. k. Close all open windows and log off the network.