AEG (Auto Enrollment Gateway)

AEG (Auto Enrollment Gateway)

  • AEG: How to Enable Advanced Logging for AEG Server

    Feb 29, 2020, 5:07 AM

    This article will guide you through enabling AEG’s advanced logging feature. If this is not the solution you are looking for, please search for the solution in the search bar above. Note: This support article applies to AEG version 5.x and below. Also, when facing issues to enroll for Certificates, our support staff may require more information to determine the root cause of the problem.

    Read More
  • AEG: How to Create Custom Certificate Templates

    Mar 2, 2020, 1:56 AM

    This article will go over how to create templates from duplicates of default templates for both User and Machine Authentication. Depending on the use case that you implement, you will need to duplicate one of the default Certificate templates. Duplication is not required but is strongly recommended to avoid changing the properties of default templates and to better control the changes applied to templates that work with the AEG.

    Read More
  • AEG: How to Create and Link a GPO in Active Directory

    Mar 2, 2020, 2:58 AM

    This article will walk you through on how to create and link a Group Policy in Active Directory. Creating a GPO is a fairly simple task, so long as you know what settings you need to change, and how to apply it to the endpoints you are trying to affect.

    Read More
  • AEG: How to Edit a GPO for Certificate Enrollment

    Mar 2, 2020, 3:03 AM

    This article will walk you through editing a GPO for Certificate Enrollment. Certificate Services Client - Certificate Enrollment Policy - These are the settings that define the URL for the policy servers which users and computers will contact. By default (in a newly created GPO), these setting will be set to "Not Configured", and will need to be changed to "Enabled". When you enable it, it will have a default Certificate Enrollment Policy (CEP) in the list called Active Directory Enrollment Policy, and it will be set as the default.

    Read More
  • AEG: How to Check the Functional Levels in Active Directory

    Mar 2, 2020, 4:28 AM

    AEG leverages both Active Directory Domain Services (AD DS) and Active Directory Certificate Services (AD CS) capabilities. In this sense, functional levels determine the available AD DS domain and forest capabilities. There are three ways to verify your current forest and domain functional levels on your Active Directory Domain Controller. You can use the Server Manager, the Administrative Tools, or the PowerShell. In this article, we show you the steps to use any of those tools.

    Read More
  • AEG: How to Check the Active Directory Schema Version

    Mar 2, 2020, 4:47 AM

    AEG constantly interacts with Active Directory (AD) objects during the Certificate enrollment process. The AD Schema version is a description of all directory objects and attributes of the Windows domain. The AD Schema reflects the basic structure of the catalog and is critical for its proper functioning. Usually, the Schema version requires an update when you add a new Domain Controller (DC) with a new version of Windows Server.

    Read More
  • How to Test Connectivity and Permissions to your Database Server

    Jul 10, 2020, 1:07 PM

    In this article, we will provide some useful tools and commands that you can use to test connectivity from your AEG server to your database server. Testing connectivity to your database server is crucial in the following scenarios: You are working on a Proof of Concept (POC) stage with our Engineers and want to make sure that connectivity is working appropriately. You are working on implementing the AEG in your production environment and want to make sure that connectivity is working adequately. You believe the AEG server is not synchronizing with the database server, it is not showing the settings and features in the AEG Portal, or you find error logs in the Windows Event Viewer that are related to database connectivity.

    Read More
  • How to Identify and Solve Clock Skew Problems with NTP

    Jul 1, 2020, 9:51 AM

    As a GlobalSign customer, sometimes, you will encounter issues with Certificate deployment and installation through the AEG. One that is recurrent is when a Certificate cannot be installed because a computer receives it outside the Certificate validity period. This happens because the start validity date is in the future compared to the time the computer reads from its local source or its NTP source. As a result, the computer does not validate the Certificate correctly and denies its installation. In this article, we will discuss the main reasons around clock/time skew issues when you are making use of our AEG solution.

    Read More

GlobalSign System Alerts

View recent system alerts.

View Alerts

Certificate Inventory Tool

Scan your endpoints to locate all of your Certificates.

Log In / Sign Up

SSL Configuration Test

Check your certificate installation for SSL issues and vulnerabilities.