

how do I create certificate w/ private key with my standalone CA???

Question

Friday, August 19, 2011 8:27 PM

Hey I am trying to do the most simple thing in the world, but this is impossible!!

I have set up my own standalone CA on my domain controller along with CA Web Enrollment.  All I want to do is be able to issue a certificate with a private key, so that my internal websites can be SSL secured, as all computers are members of the domain, and will automatically trust the CA.

I followed these steps on the member server to create the request: http://technet.microsoft.com/en-us/library/ff625722(WS.10).aspx (I decided it would be best to get one certificate with multiple SANs, then export them to the other servers)

When I log in to https://domaincontroller/certsrv I go through the process to create the certificate (request cert > advanced cert req > req base64 blah blah > paste in the request that I completed from the technet article plus change certificate template to web server > click submit)

When I do that the certificate is downloaded looking GREAT with the correct SANs, but NO PRIVATE KEY!!!!

And of course no private key means this certificate is the most useless certificate ever!!  Like seriously, what would you use the certificate for anyways?...maybe I just don't know enough yet.

Thanks.

All replies (2)

Friday, August 19, 2011 8:40 PM ✅ Answered | 2 votes

You need to install/import the certificate on the same machine where you created the request to get it associated with its private key. After a successful import the certificate should be possible to export including the private key.

/Hasain 
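
The steps in the answer above, sketched in PowerShell as an added example (not part of the original thread). Assumptions: the request was created in the machine context on this server, the key was marked exportable when the request was generated, the file paths are constructed placeholders, and the `Export-PfxCertificate` cmdlet is available (Windows Server 2012 or later).

```powershell
# Run in an elevated session on the SAME server that generated the request.
# The private key never left this machine; the CA only ever saw the public key.

# Constructed placeholder paths; replace with your own.
$issuedCer = 'C:\certs\webserver.cer'   # certificate downloaded from /certsrv
$pfxPath   = 'C:\certs\webserver.pfx'   # output file that will contain the key

# 1. Snapshot the machine store so the newly installed certificate can be identified.
$before = (Get-ChildItem Cert:\LocalMachine\My).Thumbprint

# 2. Install the issued certificate. certreq matches it against the pending
#    request on this machine and links it to the stored private key.
certreq -accept $issuedCer
if ($LASTEXITCODE -ne 0) {
    throw "certreq -accept failed with exit code $LASTEXITCODE"
}

# 3. Locate the new certificate and confirm the key association.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $before -notcontains $_.Thumbprint } |
    Select-Object -First 1

if (-not $cert) {
    throw 'No new certificate appeared in Cert:\LocalMachine\My.'
}
if (-not $cert.HasPrivateKey) {
    # Typical cause: the .cer was installed on a machine other than the requester.
    throw "Certificate $($cert.Thumbprint) has no private key on this machine."
}

# 4. Export certificate and key as a password-protected PFX for the other servers.
#    This fails if the key was generated as non-exportable.
$password = Read-Host -AsSecureString -Prompt 'PFX password'
Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $password
```

The resulting PFX contains the private key, so move it to the other servers over a protected channel and delete the intermediate copy once it has been imported.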


Friday, August 19, 2011 8:50 PM

Wow, that was easy, thanks!  I guess it was that simple.