Solved

makecert error when creating service certificate

Posted on 2013-06-27
2
2,131 Views
Last Modified: 2013-06-29
I am attempting to configure a Microsoft Dynamics NAV 2013 Service Tier Server to accept the NAVUserPassword ClientServicesCredentialType.  It is a development environment and those that access the server will be in a different untrusted domain.

I have been happily following a blog related to the subject and using makecert to create the certificates.  Here are my steps:

Create and import via mmc the root certificate
makecert -n "CN=RootEW7DevServiceCA" -r -sv RootEW7DevServiceCA.pvk RootEW7DevServiceCA.cer

Create and import via mmc the revocation certificate
makecert -crl -n "CN=RootEW7DevServiceCA" -r -sv RootEW7DevServiceCA.pvk RootEW7DevServiceCA.crl

When I try this final step...

makecert -sk EW7DevSerivce -iv RootEW7DevServiceCA.pvk -n "CN=EW7DevSerivce" -ic RootEW7DevServiceCA.cer -sr localmachine -ss my -sky exchange -pe EW7DevSerivce.cer

makecert throws the following error:
Error: Can't create the key of the subject ('EW7DevService')
Failed

I've diddled with permissions on
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys
and I think they are correct.  Local Administrators (I am one) and Everyone with "Special" permissions.

I'm stumped - anybody got any ideas?
0
Comment
Question by:tarkmyler
2 Comments
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 39285939
See if this helps - mentioned -sr CurrentUser

http://nerdwords.blogspot.sg/2008/01/makecertexe-error-can-create-key-of.html

if you are creating a root certificate, you should add -cy authority parameter

another simpler for info
http://blogs.technet.com/b/jhoward/archive/2005/02/02/365323.aspx

btw, I do see typo e.g. EW7DevSerivce instead of EW7DevService though it should not matter
0
 

Author Comment

by:tarkmyler
ID: 39287247
Oh boy howdy.  That dyslexic streak lifted its ugly head again.  I Changed Serivce to Service and the makecert command succeeded.  Thank you!
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Explore the encryption capabilities built into Google Apps and how these features can help you meet privacy policy and regulatory compliance, but are not a full solution. Understand and compare the most popular email encryption services for Google A…
When the confidentiality and security of your data is a must, trust the highly encrypted cloud fax portfolio used by 12 million businesses worldwide, including nearly half of the Fortune 500.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question