Overview: All our PCs are Windows 7 and all our servers are Windows Server 2008 R2 and we have Windows Server 2003 Domains.
I would like to use X.509 v3 templates (since our environment can handle it) but applications like ADFS and Lync Server don't seem to like the default CNG API that comes with the v3 templates. However, on Windows Server 2012 R2 in the Certification Authority application, there seems to be an option to choose a "Legacy Cryptographic Service Provider" for v3 templates under the "Cryptography" tab for 'Provider Category' in some of the screenshots I've seen online, but this option hasn't been available to me in the Certification Authority application on Windows Server 2008 R2.
Should I just carry on as I am doing with v2 templates, until I can change the default CNG API to the Legacy API for v3 templates?
Thank you,
Steve