Title: IIS and CA in 2000
Man,
that was dead on!! After posting yesterday evening, I finally came across an
article that explained this. This info was not the easiest to find. The
only difference in the article from your info was how to access the local host.
They are suggesting http://localhost/certsrv . This seemed to
work. They did not mention the port #. I am going to have to go back through it
and see if I can find the option for Web server. I don't recall seeing that. My
next task is getting rid of the errors for stuff not matching. Thanks a million
for the info.
Have a
good one,
SS
I'll assume that you have already generated and
saved the certificate request file (say certreq.txt) from IIS. Form
there:
Select Request a Certificate - hit
Next
Select Advanced Request - hit Next
Select the second option: "Submit a certificate
request using a base 64..." - hit Next
Copy and Paste the entire contents of your
certreq.txt file into the "Saved Request" text field. On the Certificate
Template drop-down select "Web Server" and hit Submit.
If your CA is appropriately set-up you can on the
next screen download and save the DER (or Base 64) encoded certificate - which
can then be picked up by the IIS Assign Server Certificate Wizard. If not: you
need to start the CA Management Console and manually issue the certificate
request by right-clicking the request in the Pending List - you can then use
http://localhost:91/CertSrv/default.asp to
'pick-up' and save the certificate from the server (or export it manually from
the CA Management Console).
In IIS when you 're-start' the Wizard just give
it the name/location of the .cer file that was generated containing the
encoded certificate.
Chris Shattock
----- Original Message -----
Sent: Wednesday, September 26, 2001
1:10 AM
Subject: IIS and CA in 2000
I am not sure if this is an appropriate question
for this list, but here it goes.
I have a
W2K SP2 server running IIS 5.0 and have installed Certificate Services in
Stand Alone mode (because I want to issue certificates over the internet). I
am trying to get the default website up and running SSL. The site functions
properly until I invoke the SSL. My question is how do I "bind" a
certificate to the site? I have used Verisign in the past and I just send
them my file and they send back a new file to install on the site. I can not
figure out how to do this with MS's Certificate Authority. I have never seen
the process from a Verisign stand point and this is where I am stuck. I have
read numerous articles on how to do this and they all seem to tell me how to
install Certificate Services and stop there.
Thanks,
SS Want to unsub? Do that
here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin&text_mode=0&lang=english
Want
to unsub? Do that
here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin&text_mode=0&lang=english
Want to unsub? Do that here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin&text_mode=0&lang=english
|
