Jump to content

Requesting Certificate from Certificate Authority


Recommended Posts

If you have an internal Certificate Authority set up in your environment, a good solution is to generate a certificate to use on your Passwordstate website.  Internal certificates are the best free certificate option if you do not need to access Passwordstate from outside your own network.


This forum post describes how to generate a certificate that will be accepted by your browsers with no warnings or errors.


Step 1:

On your Certificate Authority server, open certtmpl.msc


Step 2:

Right Click Web Server template and select Properties




Step 3:

Under the Security Tab, click the Add button, select the Object Types button, tick the Computers check box, and then search for your Passwordstate web server.  You should give this Read, Write and Enroll permissions:




Step 4:

On your Passwordstate web server, open certlm.msc, right click Personal -> Certificates and Request a New Certificate




Step 5:

Click Next, Next, tick Web Server and then click the more information link:




Step 6:

Select the Common Name and DNS values for the drop down boxes, and enter in a wilcard values for your domain, such as *.contoso.com




Step 7:

Click the Add buttons to insert these wildcard values into your certificate




Step 8:

Under the General tab, enter a friendly name and a description for your certificate.  This can be anything you like. 




Step 9:

Under the Private Key tab, expand out the key options and select the Make private key exportable option.  This can help with our browser based remote session launcher and if you intend on installing this at a later date.




Step 10:

Click OK and the click Enroll, and finally hit Finish




Step 11:

Open IIS on your web server, browse to your Passwordstate website, select bindings and select your new certificate on your HTTPS binding.  




Handy Information:

Your binding should match your certificate, which should also match your DNS entry for your web site.  If all three match then you will have hassle free browsing to your Passwordstate web site.






Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...