Document Classification: Public Document Name: SAPO Trust Centre - Generating a SSL CSR for IIS with SAN Document Reference:



Similar documents
e-cert (Server) User Guide For Microsoft IIS 7.0

Microsoft IIS 7 Guide to Installing Root Certificates, Generating CSR and Installing certificate

How to request a certificate

EM L12 Symantec Mobile Management and Managed PKI Hands-On Lab

Microsoft OCS with IPC-R: SIP (M)TLS Trunking. directpacket Product Supplement

Setting Up SSL on IIS6 for MEGA Advisor

etoken Enterprise For: SSL SSL with etoken

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

Installing and Configuring a Server Certificate for use by MailSite Fusion with TLS/SSL A guide for MailSite Administrators

Wavecrest Certificate

HTTP communication between Symantec Enterprise Vault and Clearwell E- Discovery

LAB 1: Installing Active Directory Federation Services

Browser-based Support Console

Exchange 2010 PKI Configuration Guide

INSTALLING YOUR SSL CERTIFICATE ON THE FILEHOLD SERVER ON WINDOWS 2008 X64 ON IIS 7

Obtaining SSL Certificates for VMware View Servers

Obtaining SSL Certificates for VMware Horizon View Servers

LDAP over SSL Page 1 of 6.

Secure IIS Web Server with SSL

Step-by-step installation guide for monitoring untrusted servers using Operations Manager ( Part 3 of 3)

X.509 Certificate Generator User Manual

Configuring IPsec between a Microsoft Windows XP Professional (1 NIC) and the VPN router

DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication

Scenarios for Setting Up SSL Certificates for View

Generating an Apple Push Notification Service Certificate for use with GO!Enterprise MDM. This guide provides information on...

Creating and Issuing the Workstation Authentication Certificate Template on the Certification Authority

SolarWinds Technical Reference

Step-by-step installation guide for monitoring untrusted servers using Operations Manager (Part 1 of 3)

Windows Firewall Configuration with Group Policy for SyAM System Client Installation

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

ESET SECURE AUTHENTICATION. API SSL Certificate Replacement

Copyright

Using CertAgent to Obtain Domain Controller and Smart Card Logon Certificates for Active Directory Authentication

APNS Certificate generating and installation

YubiKey PIV Deployment Guide

Authentication in XenMobile 8.6 with a Focus on Client Certificate Authentication

App Orchestration 2.5

To install the SMTP service:

SETUP SSL IN SHAREPOINT 2013 (USING SELF-SIGNED CERTIFICATE)

How to Configure a Secure Connection to Microsoft SQL Server

Install the Production Treasury Root Certificate (Vista / Win 7)

Installation Guide. SafeNet Authentication Service

Iowa Immunization Registry Information System (IRIS) Web Services Data Exchange Setup. Version 1.1 Last Updated: April 14, 2014

Installation valid SSL certificate

How To Set Up A Vpn Tunnel Between Winxp And Zwall On A Pc 2 And Winxp On A Windows Xp 2 On A Microsoft Gbk2 (Windows) On A Macbook 2 (Windows 2) On An Ip

SQL Server 2008 and SSL Secure Connection

Adding Digital Signature and Encryption in Outlook

How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication

Outlook Web Access Guide to Installing Root Certificates, Generating CSR and Installing SSL Certificate

Generating an Apple Push Notification Service Certificate for use with GO!Enterprise MDM. This guide provides information on...

Microsoft IIS Integration Guide

AD RMS Microsoft Federation Gateway Support Installation and Configuration Guide... 3 About this guide... 3

Verify LDAP over SSL/TLS (LDAPS) and CA Certificate Using Ldp.exe

User Documentation for SmartPolicy. Version 1.2

Using etoken for SSL Web Authentication. SSL V3.0 Overview

DMZ Server monitoring with

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

Setup SSL in SharePoint 2013 Using Domain Certificate

SCCM Client Checklist for Windows 7

Cox Managed CPE Services. RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft]

S/MIME on Good for Enterprise MS Online Certificate Status Protocol. Installation and Configuration Notes. Updated: October 08, 2014

MailStore Outlook Add-in Deployment

Generating an Apple Enterprise MDM Certificate

HTTP Server Setup for McAfee Endpoint Encryption (Formerly SafeBoot) Table of Contents

CLIENT CERTIFICATE (EAP-TLS USE)

Troubleshooting smart card logon authentication on active directory

Ciphermail Gateway EJBCA integration guide

O Reilly Media, Inc. 3/2/2007

Windows Server 2008 Server Core Installation. Jorge A. Ovando Zalapa. 28 May 2010

Guide for Generating. Apple Push Notification Service Certificate

Sophos Anti-Virus for NetApp Storage Systems startup guide

How to use mobilecho with Microsoft Forefront Threat Management Gateway (TMG)

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

Intel vpro Technology. How To Purchase and Install Symantec* Certificates for Intel AMT Remote Setup and Configuration

Sophos Anti-Virus for NetApp Storage Systems startup guide. Runs on Windows 2000 and later

Releasing blocked in Data Security

Windows Live Mail Setup Guide

Check Point FDE integration with Digipass Key devices

Create, Link, or Edit a GPO with Active Directory Users and Computers

Certificates for computers, Web servers, and Web browser users

DIGIPASS CertiID. Getting Started 3.1.0

Setting up Hyper-V 2012 Replication on Workgroup Servers

BASIC CLASSWEB.LINK INSTALLATION MANUAL

Junio SSL WebLogic Oracle. Guía de Instalación. Junio, SSL WebLogic Oracle Guía de Instalación CONFIDENCIAL Página 1 de 19

Erado Archiving & Setup Instruction Microsoft Exchange 2010 Push Journaling

App Orchestration 2.0

This document details the following four steps in setting up a Web Server (aka Internet Information Services -IIS) on Windows XP:

Generating an Apple Push Notification Service Certificate

Certificate Request Generation and Certificate Installation Instructions for IIS 5 April 14, 2006

Instructions. Introduction

DriveLock Quick Start Guide

2. In the Search programs and files field, enter mmc and hit the enter key

Promap V4 ActiveX MSI File

What information will you find in this document?

Configuration Guide for RFMS 3.0 Initial Configuration. WiNG 5 How-To Guide. Digital Certificates. July 2011 Revision 1.0

Chapter 2 Editor s Note:

The Windows Server 2003 Environment. Introduction. Computer Roles. Introduction to Administering Accounts and Resources. Lab 2

DigitalPersona Pro Server for Active Directory v4.x Quick Start Installation Guide

Distributing SMS v2.0

How To Install Ctera Agent On A Pc Or Macbook With Acedo (Windows) On A Macbook Or Macintosh (Windows Xp) On An Ubuntu (Windows 7) On Pc Or Ipad

Transcription:

SAPO Trust Centre - Generating a SSL CSR for IIS with SAN

1. Open Certificate MMC snap in for your computer 2. Click on Start > Run > MMC > File >Add/Remove Snap In > Select Certificates > Click Add > Select My Computer 3. In the Certificates snap-in, right-click the Personal folder, point to All Tasks, point to Advanced Operations, and then click Create Custom Request. This will start the Certificate Enrollment wizard. 4. Click Next.

5. Click Proceed without enrollment policy, and then click Next. 6. In the Template list, click (No template) Legacy key. For Request format, click either PKCS #10. PKCS #10 is generally accepted by all CAs. Click Next. 7. Click the Details arrow, and then click Properties. You will need to configure all the certificate request options so that the issued certificate will be suitable for TLS/SSL.

8. On the General tab: Leave all fields empty. 9. On the Subject tab:

Before a) In the Subject name area under Type, click Common Name (CN) secure.treasurygov.za. b) In the Subject name area under Value, enter the fully qualified domain name of the server, and then click Add. c) Repeat steps a and b above for each of the following: Organizational Unit (OU) Organization(O) Location (L) State(S) Country Chief Directorate: Information & Communication Technology National Treasury Pretoria Gauteng ZA d) In the Alternative name area under Type, click DNS. e) In the Alternative name area under Value, enter the fully qualified domain name of the server, and then click Add. f) Repeat steps c and d above for each SAN you want to specify. See picture below:

After 10. On the Extensions tab: a) Click the Key usage arrow. In the Available options list, click Digital signature, and then click Add. Click Key encipherment, and then click Add.

b) Click the Extended Key Usage (application policies) arrow. In the Available options list, click Server Authentication and then click Add. c) Basic Constraints, Include Symmetric Algorithms and Custom Extension Definition, leave unchanged/default. 11. On the Private Key tab: a) Click the Cryptographic Service Provider arrow, and verify the following: a) Choose only Microsoft RSA SChannel Cryptographic Provider is enabled. b) Click the Key options arrow. In the Key size list, select 2048 key size. Select the Make private key exportable check box. Do not select either the Allow private key to be archived or Strong private key protection check box.

c) Click the Key Type arrow. Mark the keyset for Exchange and do NOT leave it at Signature (which is the default). d) Click the Key permissions arrow. If the application or service runs as Network Service, grant the Network Service account Read permission. If the application or service that will use this certificate runs as Local System, no permissions changes are required.

12. Click OK. 13. Click Next. 14. Enter a path and file name indicating where the request file will be saved. 15. Select the Base 64 format. 16. Click Finish.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information