locked
Cannot apply certificate RRS feed

  • Question

  • Greetings, I have created a certificate request via the ocs wizard. I then created the certificate using a local certification server. I double click on the .cert and install it into the "Trusted root certification authorities" It says the import is successful but if I go into the Public key management MMC I cannot find the certificate. So I install the .cert again this time letting it choose where to put it. It will then show up in "Trusted root certification authorities" however if I go into the OCS MMC and attempt to select the cert it tells me that it needs to be in the TRCA. It's already there so I'm confused. Is there something I'm missing?

    Cheers,
    Ryan
    Tuesday, May 29, 2007 7:24 PM

Answers

  • Thanks for your reply. After exhausting my options I simply created a new CA on the same server that I'm running the OCS on. I think the problem was that it was not exporting a private key from the CA server. In any case once I created the certificate on the local server it imported fine.

    Wednesday, May 30, 2007 2:51 AM

All replies

  • Ryan,

     

    Your root CA certificate needs to be in the TRCA store.  You can find this by opening the Certification Authority MMC on your CA server, going to the properties of the CA, clicking "View Certificate", and selecting the "Copy to File" option on the details tab.  You can also install it via the /certsrv website if you installed the CA with that option.

     

    Once this is done you'll need to import the certificate that was generated from your request into the local machine store of the OCS server.  To do this open the certificates snap-in in MMC against the local computer and find the import option in the right click menu.

     

    Z

    Wednesday, May 30, 2007 1:09 AM
    Moderator
  • Thanks for your reply. After exhausting my options I simply created a new CA on the same server that I'm running the OCS on. I think the problem was that it was not exporting a private key from the CA server. In any case once I created the certificate on the local server it imported fine.

    Wednesday, May 30, 2007 2:51 AM