Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Creating a Certificate Request with Tomcat 6 to be signed my our 2008 CA

Posted on 2011-09-26
1
Medium Priority
?
1,188 Views
Last Modified: 2012-05-12
I am using the below Tomcat website to create a Certificate Signing Request for our Windows 2003 Web server running Tomcat 6.
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html
I use the following 2 commands;

1.    keytool -genkey -alias tomcat -keyalg RSA \ -keystore <your_keystore_filename>
2.    keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr \ -keystore <your_keystore_filename>

It creates  a certreq.csr.

I then Open my Windows 2008 Certificate Services CA and select; All Tasks/Submit New Request
Then select my certreq.csr file.
It gives me this error;
"The request contains no certificate template information 0x80094801 (-2146875391) Denied by Policy Module, the request does not contain a certificate template extension or the certificate template request attribute".



 
   
0
Comment
Question by:lanman777
1 Comment
 
LVL 30

Accepted Solution

by:
Brad Howe earned 2000 total points
ID: 36601576
Hi,

Sounds like you have an Enterprise CA. it was the same setup with 2003.

ECA's (Enterprise CA) require templates where SCA's (Standalone CA) can be submited through certsrv.
http://support.microsoft.com/kb/910249/en-gb

Typically, ECA's are sent directly to the CA. Give this a shot from commandline on the ECA.

certreq -submit -attrib "CertificateTemplate:WebServer" certreq.csr

It should be in Pending for you to process afterwards.
Cheers,
Hades666
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question