locked
Cert request in OSC2007 R2 on Win 2008 Server RRS feed

  • Question

  • Hi!
     
    I've come to the certificate part of the deployment.

    I have a Windows Server 2008 x64 w. IIS7 and OCS 2007 R2.

    I have created an offline request and sent it to my Cert issuer (trustzone.dk).
    Howevver they are not able to isse a cert because there are no -----Begin request---- an ---- end request----- in the file created.

    Has anyone seen this behavior before?
    What do I need to do to get a correct cert request?

    Best regards

    Joakim Gustafsson
    Stratiteq Sweden
    Thursday, February 26, 2009 8:26 AM

All replies

  • The Certificate Wizard in OCS R2 should definitely put the BEGIN/END lines into the cert request file.  If you open up the file after creation does it look similar to this?

    -----BEGIN NEW CERTIFICATE REQUEST-----  
    ELyLOEKS6qkxRkEPYBYXjesDlk6oD+jPC15gEsMsCGfS+Bj5/03ytwQjsPR7dF9p  
    MIID/DCCA2UCAQAwZzEaMBgGA1UEAxMRT0NTRkUubGFiZml2ZS5jb20xDTALBgNV  
    VQQIEwJJTDELMAkGA1UEBhMCVVMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB  
    TdhEJoPl9WATZjDxGKhOodYdki/0UF+KOYwqBZzi46ijAgMBAAGgggJTMBoGCisG  
    AQQBgjcNAgMxDBYKNS4yLjM3OTAuMjBFBgkrBgEEAYI3FRQxODA2AgEBDBFPQ1NG  
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA  
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA  
    AAAAAAAAAAAAAAAAADANBgkqhkiG9w0BAQUFAAOBgQCPpYNnoEJdvTcL0ta4Jel/  
    g73ThuEW8d2r7Y7eiph3ZrYylAGus31CWIQzBNT0HsLZ9zasKAMPEVA8E1ASVoEx  
    KDbsrJ2FYdPo9aiBIK9ofl5R50==  
    -----END NEW CERTIFICATE REQUEST----- 



    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Thursday, February 26, 2009 9:24 PM
    Moderator
  • Nope, no such lines:

    MIIDvjCCAycCAQAwezELMAkGA1UEBhMCU0UxDjAMBgNVBAgMBU1hbG1vMQ4wDAYD  
    VQQHDAVNYWxtbzEcMBoGA1UECgwTU3RyYXRpdGVxIFN3ZWRlbiBBQjESMBAGA1UE  
    CwwJU3RyYXRpdGVxMRowGAYDVQQDDBFsaXZlLnN0cmF0aXRlcS5zZTCBnzANBgkq  
    hkiG9w0BAQEFAAOBjQAwgYkCgYEAsR9tWecySCW/XpOqOrfof/7jKBfskblDc0+R  
    augWHC9kXH8fy1TK3u0q1fLRCUB6vhFfBzr5wedXknlQdvyr5LWGoy/tFLcXSoFI  
    M0r8QhtS1E2Zswp43XbI+ar6J7FTwcy3UH3xKUzzUUnU8jtNassgb+zQdbriTu90  
    crIyb8cCAwEAAaCCAgEwGgYKKwYBBAGCNw0CAzEMFgo2LjAuNjAwMS4yMFEGCSsG  
    AQQBgjcVFDFEMEICAQUMHFNUUk9GRklDRUxJVkUuc3RyYXRpdGVxLmNvcnAMEVNU  
    UkFUSVRFUVxhZG1pbmpnDAxkZXBsb3lzZS5leGUwcgYKKwYBBAGCNw0CAjFkMGIC  
    AQEeWgBNAGkAYwByAG8AcwBvAGYAdAAgAFIAUwBBACAAUwBDAGgAYQBuAG4AZQBs  
    ACAAQwByAHkAcAB0AG8AZwByAGEAcABoAGkAYwAgAFAAcgBvAHYAaQBkAGUAcgMB  
    ADCCARoGCSqGSIb3DQEJDjGCAQswggEHMCEGCSsGAQQBgjcUAgQUHhIAVwBlAGIA  
    UwBlAHIAdgBlAHIwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEQGCSqG  
    SIb3DQEJDwQ3MDUwDgYIKoZIhvcNAwICAgCAMA4GCCqGSIb3DQMEAgIAgDAHBgUr  
    DgMCBzAKBggqhkiG9w0DBzAOBgNVHQ8BAf8EBAMCBPAwTgYDVR0RBEcwRYISc2lw  
    LnN0cmF0aXRlcS5jb3JwghxTVFJPRkZJQ0VMSVZFLnN0cmF0aXRlcS5jb3JwghFs  
    aXZlLnN0cmF0aXRlcS5zZTAdBgNVHQ4EFgQUDV4Ju62yt649WmYPrwygWHc5ZiEw  
    DQYJKoZIhvcNAQEFBQADgYEAa2RbqFTGI4fAUtD1TFCoue/9QiuhjwKLNt0VVFw1  
    QYsq0aJt8GsdAEN8iTvTiYGfhI9oPNS3pauQlAwrsPSZkSfpxuxrXsZa5n3yFqST  
    h/FROby2RLl8x6aIF9c1a6QaUTrw/+UwKtBDH+UA9WjL449hiybsP5zCuN58FKI4  
    qMo=  
     

     

    I managed to get passed it by creating a self-signed cert i IIS7 but that won't do it if we want to go external.

    Regards

     

    Joakim

     

    Friday, February 27, 2009 7:15 AM