Re: IIS and CA in 2000

[Chris Shattock]

Title: IIS and CA in 2000

If you haven't been screwing around with your 'default web site' like me then just use port 80 not 91 - i.e. http://localhost/CertSrv/default.asp   Chris Shattock ----- Original Message ----- From: Chris Shattock To: NT System Admin Issues Sent: Wednesday, September 26, 2001 10:33 AM Subject: Re: IIS and CA in 2000 I'll assume that you have already generated and saved the certificate request file (say certreq.txt) from IIS. Form there: In your browser go to http://localhost:91/CertSrv/default.asp Select Request a Certificate - hit Next Select Advanced Request - hit Next Select the second option: "Submit a certificate request using a base 64..." - hit Next Copy and Paste the entire contents of your certreq.txt file into the "Saved Request" text field. On the Certificate Template drop-down select "Web Server" and hit Submit. If your CA is appropriately set-up you can on the next screen download and save the DER (or Base 64) encoded certificate - which can then be picked up by the IIS Assign Server Certificate Wizard. If not: you need to start the CA Management Console and manually issue the certificate request by right-clicking the request in the Pending List - you can then use http://localhost:91/CertSrv/default.asp to 'pick-up' and save the certificate from the server (or export it manually from the CA Management Console). In IIS when you 're-start' the Wizard just give it the name/location of the .cer file that was generated containing the encoded certificate.   Chris Shattock ----- Original Message ----- From: Shannon Speck To: NT System Admin Issues Sent: Wednesday, September 26, 2001 1:10 AM Subject: IIS and CA in 2000 I am not sure if this is an appropriate question for this list, but here it goes. I have a W2K SP2 server running IIS 5.0 and have installed Certificate Services in Stand Alone mode (because I want to issue certificates over the internet). I am trying to get the default website up and running SSL. The site functions properly until I invoke the SSL. My question is how do I "bind" a certificate to the site? I have used Verisign in the past and I just send them my file and they send back a new file to install on the site. I can not figure out how to do this with MS's Certificate Authority. I have never seen the process from a Verisign stand point and this is where I am stuck. I have read numerous articles on how to do this and they all seem to tell me how to install Certificate Services and stop there. Thanks, SS Want to unsub? Do that here: http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin&text_mode=0&lang=english Want to unsub? Do that here: http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin&text_mode=0&lang=english Want to unsub? Do that here: http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin&text_mode=0&lang=english