• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 581
  • Last Modified:

Creating an SSL certificate

Hello all

I setup a windows 2008 enterprise Certificate Authority in a domain call RXS. I also have a webserver that is not connected to the domain

I currently have users able to connect to the web server using a URL

I now want to add an SSL cert to the URL using my Enterprise Certificate Auth.

I tried several methods but unsuccessful

Please help (This is for test purposes so please I know about using verisign etc)

1 Solution
Daniel HelgenbergerCommented:
I do not know if this is the supposed way, but it works for me:
Install IIS with management tools on any domain joined machine.
Use IIS admin and select your server. Locate SSL Certificates. There, choose "Create Domain Certificate" from the right tab. Set everything to your needs, selecting your Domain CA in the process.
Once this is done, the new certificate will be listed there. Right click it, choose export. This way a PCS#12 PFX will be exported, complete with certificate and private key. Using openssl / or a web service convert it to the format needed.

Another way would be to use for instance easyRSA with an Intermediate signing authority. Create an intermediate CA signing request and complete it with your domain (see above). Export it and convert it for easyRSA. This way you can now sign certificates with easyRSA.

You also can export your CA of course (you do this with "backup CA") - using it with easyRSA. But I think the Intermediate CA way is cleaner.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now