Skip to main content

Certificate Authority – Requesting, Downloading, Installing, and Binding Certificates

Certificate Authority is a server role introduced by Microsoft, to issue digital certificates to target recipients. These digital certificates enable the environment to communicate securely between each other.


This post illustrates on how to :-
  1. Request certificate from an internal root CA
  2. Download the certificate from internal root CA
  3. Install the certificate to server
  4. Bind the certificate to HTTPS protocol

However, this post won't explain on how to install internal CA server. you may refer here for that. So let's get started.



Request Certificate From an Internal Root CA

  1.  Launch IIS Manager








  2. Click at the server name. Inside the working space area, locate Server Certificate feature, and double click at it / right click | open feature




  3. Click at Create Certificate Request...




  4. Put in all needed info, and click Next




  5. Select crypto service provider and bit length, click Next




  6. Specify the location of the certificate request file. In can be in TXT file. Click Finish.




  7.  CR file can be found at the location stated earlier.





Download the Certificate From Internal Root CA
  1.  Access to CA web enrollment address




  2.  Click at Request a certificate




  3.  Click at advanced certificate request.




  4.  Click at Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.




  5.  Open previously created CR file, copy the content...




  6.  Paste it inside the Saved Request. Change the Certificate Template to SSL template, and click Submit




  7.  Click Yes.




  8.  Click at Download certificate




  9.  Certificate downloaded.






Install the Certificate To Server
  1.  Launch IIS Manager, click at the server name, and open Server Certificates feature




  2.  At Action column, click at Complete Certificate Request




  3. Locate the cert (*.cer) previously downloaded, provide friendly name (usually I put the server name), and ensure the store is set to Personal. Click OK.




  4.  Installing...




  5.  Certificate Installed.





Bind the certificate to HTTPS protocol

  1.  Launch IIS Manager, navigate to <serverName> | Sites | Default Web Site (or any different name if applicable).





  2.  At Action column, click at Bindings...





  3. Click at https, and click at Edit...





  4.  Change the SSL certificate to previously installed certificate, then click OK.





  5.  Click Close.





  6.  The server is now good to use HTTPS protocol.

Labels:
Location: Auckland, New Zealand

Comments

Post a Comment

Popular posts from this blog

Session Settings Not Listed in Citrix Web Interface web site.

In previous post , I mentioned on what need to be done by users in case the publsihed applications did not successfully launched in seamless mode. However, in some cases, users might not be able to see the option. This post will help to solve it. Issues : Session Settings preference is not listed in Citrix Web Interface web site. This is due to the option is not enabled. It can be checked at Citrix Web Interface Management Console. Troubleshooting   Launch Citrix Web Interface Management Console . Browse to Citrix Web Interface > XenApp Web Sites . You will see lists of created Sites.  Right click at the required farm URL.  Choose S e ssion Preference  This window will appeared. Browse to Remote Connnection > Display . You will see the option " Allow users to customize window size " is unchecked . Resolution : Check the option " Allow users to customize window size ", and press OK  Get users to refresh the Web
2 comments
Read more

How To Change NetBIOS Name of A Computer

So yes... After 4 months without new contents, so I started with this. It looks easier to do (well, it is), but before you do that, you may want to read this  to understand the difference between hostname and netBIOS, then starts to explore on when to use them, their limitations etc etc. I won't discuss here (or maybe not today). So let's back to the topic.   Description : Changing NetBIOS Name of A Computer. ComputerName : NetBIOS : How To Do :  Go to Start > Run , and type REGEDIT  Browse to Computer > HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Control > ComputerName > ComputerName At the right side, double click at ComputerName string, and put correct Value data . Press OK .  Then you will get this Reboot your computer / VM. Once it is up, double check your netBIOS name. New name shall be reflected
3 comments
Read more

Microsoft Assessment and Planning (MAP) Toolkit - Extract Report (3/4)

As mentioned in  the first post , this KB series is about Microsoft Assessment and Planning (MAP) Toolkit. There are 4 main steps : Install MAP Toolkit and its basic configuration Collect inventory Data  Extract Report Extract Advanced Report Once inventory data collected, we can generate reports. From the inventory data collected earlier, we can use options in the toolkit to generate the report. For this example, we re going to discover Windows 10 Readiness This KB is about  how to generate report from collected inventory data. At Overview page, select the targeted scenario category. In this example, it is Desktop . At this page, select specific scenario that we after. In this example, it is Windows 10 Readiness.     It is possible to customize assessment properties. The properties will set the threshold of the assessment, such as, threshold for minimum CPU speed, acceptable free disk, as well as minimum assigned RAM. To do so, select Customize assessment pr
Post a Comment
Read more