deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 22:07:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/mdop/appv-v4/configuring-certificates-to-support-secure-streaming.md
Nicholas Brower 1ae3f0b230 Merged PR 4822: "msdate update (generated from most recent commit date)" 
"msdate update (generated from most recent commit date)"
2017-12-05 22:36:05 +00:00

55 lines
2.3 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: Configuring Certificates to Support Secure Streaming
description: Configuring Certificates to Support Secure Streaming
author: jamiejdt
ms.assetid: 88dc76d8-7745-4729-92a1-af089c921244
ms.pagetype: mdop, appcompat, virtualization
ms.mktglfcycl: deploy
ms.sitesec: library
ms.prod: w8
ms.date: 08/30/2016
---
# Configuring Certificates to Support Secure Streaming
By default, the App-V service runs under the Network Service account. However, you can create a service account in Active Directory Domain Services and replace the Network Service account with the Active Directory Domain account.
The security context under which the service runs is important for configuring enhanced secure communications. This security context must have read permissions for the certificate private key. When a PKCS\#10 *Certificate Signing Request* (CSR) is generated for the App-V server, the Windows *Cryptographic Service Provider* is called and a private key is generated. The private key is secured with permissions given to the System and Administrator accounts only.
You must modify the access control lists (ACLs) on the private key to let the App-V Management or Streaming Server access the private key required for successful TLS secured communication.
## Obtaining and Installing a Certificate
The scenarios for obtaining and installing a certificate for App-V are as follows:
- Internal public key infrastructure (PKI).
- Third-party certificate issuing certification authority (CA).
**Note**  
If you need to obtain a certificate from a third-party CA, follow the documentation available on that CAs Web site.
 
If a PKI infrastructure has been deployed, consult with the PKI administrators to acquire a certificate that complies with the requirements described in this topic. If a PKI infrastructure is not available, use a third-party CA to obtain a valid certificate.
For step-by-step guidance for obtaining and installing a certificate, see <https://go.microsoft.com/fwlink/?LinkId=151969>.
## Related topics
Configuring Certificates to Support Secure Streaming
[How to Modify Private Key Permissions to Support Management Server or Streaming Server](how-to-modify-private-key-permissions-to-support-management-server-or-streaming-server.md)
 
 
Reference in New Issue View Git Blame Copy Permalink