Hello,
I am planning to install Single tier Enterprise CA on a dedicated Windows 2008 R2 Server.We still have Windows XP SP3 workstations and I have some questions about the "cryptography" options on the Certificate Authority installation wizard.
The "Select a cryptographic service provider (CSP)" -selection defaults to "rsa#microsoft software key storage provider". I'am not sure can I select it, or any of the "Cryptography Next Generation (CNG)" providers (marked with #).
Does anyone have any information about which CSP I should select?
I believe Windows 2003 CA Defaults to "Microsoft Strong Cryptographic Provider" so thinking of selecting that to guarantee compatibility with Windows XP.
Any recommendations on "Key character lenght" and "Hash algorithm for signing certificates" are also very welcome.
Thanks
lakend