I am using the Microsoft Certificate Server to publish certificates and store them in the Active Directory (AD); these are then retrieved via LDAP. However, I am having a problem when getting the CML to validate certificate paths, since the certificates do not get published in the AD where their subject DNs suggest. For example, if I have a certificate and look at the issuer DN, I will find something like "CN = WDA,O = test,C = GB"; asking the AD for this, though, will return nothing, since the CA certificate is actually at "CN=WDA,CN=Certification Authorities,CN=Public Key Services,CN=Services,CN=Configuration,DC=wda,DC=test,DC=gb".
Has anyone attempted to validate certificates stored in this manner?
Regards
William Adams
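
One way to bridge the mismatch described in the post, as an added example that is not part of the original message: take the CN from the issuer DN, build an LDAP search under the Certification Authorities container, and compare the full names once a certificate comes back. The function names are hypothetical, and the configuration naming context is assumed to be supplied by the caller (AD publishes it in the rootDSE attribute configurationNamingContext).

```python
# Added example, not from the original post. The sample DNs are the ones
# quoted in the post; config_nc is an assumed caller-supplied value.
AD_CA_CONTAINER = "CN=Certification Authorities,CN=Public Key Services,CN=Services"


def split_rdns(dn):
    """Split a DN on unescaped commas into (TYPE, value) pairs.

    Handles backslash-escaped characters; hex-pair escapes and
    multi-valued RDNs ("+") are not handled in this example.
    """
    rdns, buf, escaped = [], [], False
    for ch in dn + ",":
        if escaped:
            buf.append(ch)
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch == ",":
            attr, sep, value = "".join(buf).partition("=")
            if not sep or not attr.strip():
                raise ValueError("malformed RDN in %r" % dn)
            rdns.append((attr.strip().upper(), value.strip()))
            buf = []
        else:
            buf.append(ch)
    return rdns


def escape_filter(value):
    """Escape a value for use in an LDAP search filter (RFC 4515)."""
    special = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
    return "".join(special.get(ch, ch) for ch in value)


def ad_ca_search(issuer_dn, config_nc):
    """Build the one-level search that finds the issuer's CA object in AD."""
    cns = [v for t, v in split_rdns(issuer_dn) if t == "CN"]
    if not cns:
        raise ValueError("issuer DN has no CN to look up")
    return {
        "base": AD_CA_CONTAINER + "," + config_nc,
        "filter": "(&(objectClass=certificationAuthority)(cn=%s))" % escape_filter(cns[0]),
        "attributes": ["cACertificate"],
    }


def same_name(dn_a, dn_b):
    """Case-insensitive RDN comparison, to confirm that a certificate fetched
    by CN really has the subject the issuer field names."""
    fold = lambda dn: [(t, v.lower()) for t, v in split_rdns(dn)]
    return fold(dn_a) == fold(dn_b)
```

The CN match only locates a candidate: the subject of the returned certificate should be compared with the issuer DN (`same_name`) and the signature checked by the path validator before it is used as the issuer.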