I watched "Implement and Manage Certificates" in 70-414. I have a few followup questions...
I noticed, that when I created some of the templates, while the video recommended using 2048 or 4096 bit encryption, it didn't mention the hash algorithm. I chose 256 as one didn't appear selected. But, later a different algorithm was mentioned. How important is that selection? I'm guessing not too important since it wasn't mentioned.
I setup a recovery agent as described. But, I had already created the Group Policy Object to place the EFS certificate into computer "Trusted Root Certificate Authorities". So, do I need to do something extra to make sure that the recovery agent is used by those computers since the recovery agent didn't yet exist when the EFS certificates were issues?
There are a great many different certificate types. How can one know which to choose in any particular instance. For example, when I try to use remote logon to one of our servers, I get a message about not trusting the certificate. I'd like to fix that but am unsure of which certificate to use. Another example is on our Cisco Wireless Lan Controller. When I connect to it, the controller complains of not trusting the certificate. Again, which ceertificate should be used?