Title: IIS and CA in 2000
|
Check my earlier reply for port# - if you have all
defaults forget it - just default to 80.
Personally I don't read that much - this and other
things I find out by trying - consequently I end up rebuilding my server every 3
weeks or so - but each time I do it goes quicker (after re-installing W2KS and
AS x times since 1998!).
I have found a self-certified CA to be very usefule
for devolpment and testing out multiple IP-less hosting with different SSL's and
Exchange etc. - they're all done the same way. So have some fun!
----- Original Message -----
Sent: Wednesday, September 26, 2001 1:02
PM
Subject: RE: IIS and CA in 2000
Man,
that was dead on!! After posting yesterday evening, I finally came across an
article that explained this. This info was not the easiest to find. The
only difference in the article from your info was how to access the local
host. They are suggesting http://localhost/certsrv . This seemed to
work. They did not mention the port #. I am going to have to go back through
it and see if I can find the option for Web server. I don't recall seeing
that. My next task is getting rid of the errors for stuff not matching. Thanks
a million for the info.
Have
a good one,
SS
I'll assume that you have already generated and
saved the certificate request file (say certreq.txt) from IIS. Form
there:
Select Request a Certificate - hit
Next
Select Advanced Request - hit Next
Select the second option: "Submit a certificate
request using a base 64..." - hit Next
Copy and Paste the entire contents of your
certreq.txt file into the "Saved Request" text field. On the Certificate
Template drop-down select "Web Server" and hit Submit.
If your CA is appropriately set-up you can on
the next screen download and save the DER (or Base 64) encoded certificate -
which can then be picked up by the IIS Assign Server Certificate Wizard. If
not: you need to start the CA Management Console and manually issue the
certificate request by right-clicking the request in the Pending List - you
can then use http://localhost:91/CertSrv/default.asp to
'pick-up' and save the certificate from the server (or export it manually
from the CA Management Console).
In IIS when you 're-start' the Wizard just give
it the name/location of the .cer file that was generated containing the
encoded certificate.
Chris Shattock
----- Original Message -----
Sent: Wednesday, September 26, 2001
1:10 AM
Subject: IIS and CA in 2000
I am not sure if this is an appropriate
question for this list, but here it goes.
I have a W2K SP2 server running IIS 5.0 and have installed
Certificate Services in Stand Alone mode (because I want to issue
certificates over the internet). I am trying to get the default website up
and running SSL. The site functions properly until I invoke the SSL. My
question is how do I "bind" a certificate to the site? I have used
Verisign in the past and I just send them my file and they send back a new
file to install on the site. I can not figure out how to do this with MS's
Certificate Authority. I have never seen the process from a Verisign stand
point and this is where I am stuck. I have read numerous articles on how
to do this and they all seem to tell me how to install Certificate
Services and stop there.
Thanks,
SS Want to unsub? Do that
here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin&text_mode=0&lang=english
Want
to unsub? Do that
here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin&text_mode=0&lang=english
Want
to unsub? Do that
here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin&text_mode=0&lang=english
Want to unsub? Do that here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin&text_mode=0&lang=english
|
