The key pair for this certificate is generated at the same time the request file is created by Certreq.2. The Online Responder Service runs under the Network Service account.
By default the Network Service account does not have access to private keys of certificates located in the Local Computer Personal store.
) you can (re)start the installation/configuration. Before the installation/configuration you must uninstall the broken “Certificate Authority” role service installation.
Do not enable this setting unless you have a Hardware Security Module (HSM) and associated cryptographic service provider (CSP) that supports key counting.And of course the OCSP Responder can support both types of Revocation Configurations on the same responder.1.OCSP Signing Certificate must of course be available on the Enterprise CA that the array is going to provide revocation information for.In the Online Responder Management Console, expand Array Configuration.Select the Responder that you wish to make the Array Controller, right click on the responder name, and select Set as Array Controller from the context menu.7.