locked
Configure Certificate : wizard doesn't see the certificate RRS feed

  • Question

  • Hi,

     

    We're deploying  our pool in an expanded topology. 

    We requested a certificate from our Internal CA and imported it in the local certificate store of the Front End Server. 

     

    The certificate seems to be ok:

    • it has a private key
    • it's configured for Server Authentication
    • it's based on the Web Server template
    • the necessary Alternative names are in place.

    The problem is that when we want to assign the certificate, the wizard doesn't see it.

    In the "select a certficate"-box nothing is displayed.

     

    The certificate is listed in Internet Explored and has been assigned to the Web Components using IIS.

     

    Can we assign the certificate manualy? 

     

    Kind regards and thanks in advance,

    Chris

    Thursday, May 3, 2007 4:31 PM

Answers

  • Chris,

     

    In the OCS 2007 MMC you can locate the OCS 2007 Access server node and right click on it to bring up the properties sheet. Choose the certificate tab. If no certificate is applied you will receive a warning saying so. If you need to apply the certificate at this time you will be able to choose the certificate from a the pick list and apply it. If one is applied you will be able to view its information. Remember that the Trusted Root Authorities Certificate has to be applied to the Computer's Personal Trusted Root Certification Authorities store on the OCS 2007 server. Please let me know if you ned more assistance.

     

    Thanks,

     

    MIke Adkins OCS beta support team

     

     

    Friday, May 4, 2007 4:40 PM
  • Mike,

     

    Thanks!!! I managed to get it to work.

     

    By using the certificate tab on the properties of the OCS server, I did see my certificate. I tried to assign it and received an error: The SAN was not OK. I had to request our certifcate manually (we are not using the standard certificate templates, the OCS wizard has problems with this).  I didn't now that I also had to add a SAN that matched the subject name of the certificate. I only added the "sip.fqdn" as SAN.

     

    Now, I requested a new certificate with the complete SAN's and everything is working fine.

     

    Thanks again & kind regards,

    Chris

    Friday, May 4, 2007 7:00 PM

All replies

  • Is it in the local computer store or in the personal store.
    Thursday, May 3, 2007 11:25 PM
  • It's in the Local Computer store, in the Personal Folder.
    Friday, May 4, 2007 10:20 AM
  • Chris,

     

    In the OCS 2007 MMC you can locate the OCS 2007 Access server node and right click on it to bring up the properties sheet. Choose the certificate tab. If no certificate is applied you will receive a warning saying so. If you need to apply the certificate at this time you will be able to choose the certificate from a the pick list and apply it. If one is applied you will be able to view its information. Remember that the Trusted Root Authorities Certificate has to be applied to the Computer's Personal Trusted Root Certification Authorities store on the OCS 2007 server. Please let me know if you ned more assistance.

     

    Thanks,

     

    MIke Adkins OCS beta support team

     

     

    Friday, May 4, 2007 4:40 PM
  • Mike,

     

    Thanks!!! I managed to get it to work.

     

    By using the certificate tab on the properties of the OCS server, I did see my certificate. I tried to assign it and received an error: The SAN was not OK. I had to request our certifcate manually (we are not using the standard certificate templates, the OCS wizard has problems with this).  I didn't now that I also had to add a SAN that matched the subject name of the certificate. I only added the "sip.fqdn" as SAN.

     

    Now, I requested a new certificate with the complete SAN's and everything is working fine.

     

    Thanks again & kind regards,

    Chris

    Friday, May 4, 2007 7:00 PM
  • Hi Chris and Mike,

     

    I have the same problem. We cannot see the certificate. Can someone please point out how to get the certificate to work on our Win2k3 Std Server. We would love to use our own cert authority.

     

    Thanks fot taking the effort of answering!

     

    Stephan

    Wednesday, June 20, 2007 9:50 AM
  • I'm having the same issue here.

     

    I've verified the certificate I've created and the CA's root certificate are both in the personal store and the Local Computer Trusted Root Certificate Authorities on the CWA box, but when I run the CWA installer I'm not presented with any certificates to select.

     

    I've created the certificate using multiple different methods with the same result.

    • WebServer template through IIS CertSrv
    • Through the OCS MMC
    • LCS 2005 LCSCertUtil
    • Imported .req file
    • Private key exportable, private key non-exportable

    After importing the certificates into the local certificate store I still get nothing. All of the certificate paths appear to be verified correctly. Any ideas?

    Tuesday, July 17, 2007 8:00 PM
  • Gotta love when you can solve your own problems.

     

    The certificate needed to be in the computer's Personal Certificate Store. I had been popping up Cert Manager by doing a Run > certmgr.msc, but that will only show the user certificcates. Do a full Run > mmc > Add > Certificates > Computer. Once I added the certificate there it found it no problem.

    Friday, July 20, 2007 6:07 PM
  • Digital Certificate for VBA Projects

     I want see my certificate
    Tuesday, July 1, 2008 6:05 AM
  •  

    I have the same problem.  I tried everything, the certificate seems to be installed correctly in the CWA server.  I can see it in the Trusted Root Certificaction Authorities\Certificates, but I can't see it on the wizard that activates CWA.

     

    What else can I do?

     

    Miguel.

    Tuesday, September 30, 2008 5:41 PM