Certificates

All replies

• 

  

  0

  Sign in to vote

  You can use your internal servers but then you need to create your requests and save them to file

  Import them via the certsrv website on an internal server and copy the certificate to your edge servers

   

  Or you can purchase officially supported certificates on the internet

   

  I would certainly not install any Certfication authority on your edge server

   

  Deli

   

  Wednesday, October 31, 2007 12:07 PM
• 

  

  0

  Sign in to vote

  Deli,

   

  Tks for your reply. I did exacly what you said. But when I try to assign the certificate to my internal interface using the wizard no certificate is shown in step "avaiable certificates" ...

   

   

  Wednesday, October 31, 2007 12:23 PM
• 

  

  0

  Sign in to vote

  You need to import the certificate into your computer store first!

  Open MMC and add Certificates to your Snapin DO SELECT COMPUTER store

  And import the certificate into the Personal store of the computer

   

  After import verify that you have the private key by opening the certificate from the store and view the certificiate (You have the private key should be on the bottom) otherwise that will not function

   

  Deli

  Wednesday, October 31, 2007 1:14 PM
• 

  

  0

  Sign in to vote

  I've already did this too! I've tryed to import to personal store and to trusted store and didn't work. I'm having problems with the private key... I think the problem is that...

   

   

   

   

  Wednesday, October 31, 2007 2:27 PM
• 

  

  0

  Sign in to vote

  How did you get the certificate onto your EDGE Server?

  Did you export it form another computer store (export private key is then required)

  Did you copy the cer file from a computer where you accessed the certsrv website?

   

  Deli

  Wednesday, October 31, 2007 3:02 PM
• 

  

  0

  Sign in to vote

   

  the second option.... i followed the procedures of the product like ms recomends...

  Wednesday, October 31, 2007 4:08 PM
• 

  

  0

  Sign in to vote

  OK, then you need to export the private key with the certificate

  If don't receive the question whether you want to export the private key then the certificate was not created using the option to export the private key.

  If that is the case then you need to recreate the certificate and make sure that you can export the key

   

  This may be a hard thing with the OCS wizard

  So you may need to give your edge server access to the certsrv website so that you can import the certificate directly onto your edge server so that you don't need to export the certificate from another server

   

  Deli

   

  Wednesday, October 31, 2007 11:38 PM
• 

  

  0

  Sign in to vote

  Ok Deli. I will try this.

   

  Thanks for your big big big help!

   

  Thursday, November 1, 2007 12:04 PM
• 

  

  0

  Sign in to vote

  I had a problem with our GoDaddy UC Cert, where it wasn't showing as an available cert. Godaddy was issuing us just a CRT file while OCS was expecting a CER file.

  I had to go to the godaddy admin site where you manage your cert, and click ReIssue. Then copy the contents of the window on the right (the reissued cert) into a text file and name it ourcert.cer.

  Then take this to our edge server and restart the certificate wizard. When the wizard asked for the file from the CA, I pointed it to the ourcert.cer file and it worked.

  I had a valid cert that had a private key after that.

   

  Hope this helps others.

  Monday, February 18, 2008 8:41 PM