?
Solved

Server Authentication Certificate Request

Posted on 2011-10-19
8
Medium Priority
?
296 Views
Last Modified: 2012-05-12
I need to obtain a SSL cert for one of my wireless access points for enterprise authentication.

If i go to my DC Certificate Snap-in, I don't' seem to be able to create the CSR.
Under Local Computer>Personal>Certificates I select All Tasks>Advance Options>Create Custom Request.

Is this the proper way to do it? How can I accomplish this? My CA is Go Daddy.

Thanks,
0
Comment
Question by:cheto06
  • 4
  • 4
8 Comments
 
LVL 18

Expert Comment

by:LesterClayton
ID: 36994973
Hmm.  Interesting question here, but only because you've specified a third party Certificate Authority.  The Certificate authority will only grant you certificates for domains which exist.  Does your network device have a proper DNS Domain name ?  If yes, then creating the certificate request for identification should be a simple enough task that you can create a domain certificate request using any server running IIS.  Just select the server node, double-click "Server Certificates", and then "Create Certificate Request" where you can specify the Common name (hostname of the wireless access point).

If this network device is internal only, and uses a DNS Domain that is local to you, then you are going to have to set up your own PKI.  I'd recommend Windows 2008 R2 Enterprise, because it supports  the creation Custom Certificate Templates.  It's also the only version of Certificate Services which will support the Network Device Enrollment Service

More information about Certificate Services in Windows 2008: http://technet.microsoft.com/en-us/library/cc772393%28WS.10%29.aspx
0
 

Author Comment

by:cheto06
ID: 36995082
My domain uses windows 2008 (not R2) Can i install this on a stand alone win 2008 R2 server as an Enterprise CA?
0
 
LVL 18

Expert Comment

by:LesterClayton
ID: 36995598
Yes, the Certificate Authority does not have to be a domain controller, although it has to be a domain member, and running Windows 2008 Enterprise to be able to take advantage of the Enterprise features.  R2 would be better of course, it has more features over plain 2008.

When installing, ensure that you are an enterprise administrator.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:cheto06
ID: 36996573
Trying your suggestion from a server with ISS 7.0
Just select the server node, double-click "Server Certificates", and then "Create Certificate Request" where you can specify the Common name (hostname of the wireless access point).

I don't seem to be able to find Server Certificates. You are referring to server node inside IIS Manager correct?
0
 
LVL 18

Expert Comment

by:LesterClayton
ID: 36996592
I meant this part

 Server Certificates
It should be part of any IIS Installation, because SSL is a standard feature offered by all IIS 7.x servers.  I know the image is 7.5, but it should be the same in IIS 7.0
0
 

Author Comment

by:cheto06
ID: 36996637
I am blind!

Thanks I found it.
Juan
0
 

Author Comment

by:cheto06
ID: 36996877
One more question:
So i Open Server Certs and click on Create new CSR, filled in all the info requested but i don' know where it went after completion. I need to input the CSR info in to my CA CSR request.
0
 
LVL 18

Accepted Solution

by:
LesterClayton earned 2000 total points
ID: 36998253
After you fill in the information, it should prompt you to save it as a text file - look in your standard folders to see if it's been saved there.  The default location is %userprofile%\documents

This is the request you send to godaddy.  They will send you certificates once they've verified the request with the domain administrative contact, and you use these certificates on your Wifi device.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlleā€¦
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question