How to request Public Cert from CWA R2? RRS feed

  • Question

  • i know on the front end server you have the wizard, when setting up cwa r2, what should i use to request public cert?  I don't see any wizard, should i be using IIS?

    thanks for you help
    Wednesday, May 13, 2009 7:50 PM

All replies

  • You can use either the certsrv IIS site or the certreq command to do this.  See this article for more details: http://support.microsoft.com/kb/931351/en-us
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Thursday, May 14, 2009 1:25 AM
  • We don't have internal CA, I need info on requesting cert from external CA (entrust).

    What is  certsrv IIS site?  Is this for internal CA?

    I'll check out link now.  Thanks for your help.

    Thursday, May 14, 2009 1:17 PM
  • You can use the front end server certs wizard to create the request, then cancel out at the end rather than assign the certificate - that worked fine for me. I must admit in my case that CWA was on my std ed. FE server (in the old days when that was supported...) but I don't believe that is relevant.


    Wednesday, May 20, 2009 10:01 AM
  • You can also use LCSCMD.exe to request the cert. Should be in the Technet documentation for CWA or in the .CHM file.

    I tend use the same method as Tim for convenience sake. Just use the wizard on the FE, generate your request, process the CA response and choose to NOT assign the certificate for FE services, export the new cert along with the private key, and import on your CWA server. Sounds like more work than it really is. :)
    Wednesday, May 20, 2009 7:14 PM
  • OK.  That seem to work, processed the Entrust cert from R2 Front End Server, then imported it on the R2 server certificate.msc, then exported it, and imported on the cwa server.  Now when trying to activate the CWA server, its telling me it doesn't find any R2 server in domain.  I have an R2 server in domain, i actually have myself and a couple other folks added to it.  Whats going on??????????  The account i'm installing cwa with has domain admin rights.  I'm going to completely remove what i installed for CWA and reinstall and see what happens.  Any ideas what is going on.  Is it better to install via command prompt or something.  Why is this so difficult, cwa should be easy part.
    Saturday, May 23, 2009 12:27 AM