?
Solved

SBS2011 - CSR Certificate

Posted on 2016-09-13
4
Medium Priority
?
129 Views
Last Modified: 2016-09-14
I've a CSR due to expire.. the Code Signing Cert was issued by the SBS server to the administrator.

I can't work out what its being used by? whats the best course of action to make sure it doesn't break anything when it expires at the end of the month?

From the "MMC" "Certificates" should I "Renew this certificate with the same key"

I've also checked certs under IIS / and from the SBS console but they don't match the thumbprint.
0
Comment
Question by:Member_2_7968927
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 28

Expert Comment

by:Dan McFadden
ID: 41797481
Without being sacrastic, Code Signing Certificates are for signing code.  Now that that has been said...

Here is an article describing the concept of code signing.

Link:  https://msdn.microsoft.com/en-us/library/ms537361(v=vs.85).aspx

In general, nothing is actively using the cert.  It is used when a developer or admin want to include a signature in their code or scripts to verify that the accompanying code is for a specific or trusted source.

IIS would not use this cert.

I use a Code Signing Cert to sign my PowerShell scripts.

I would just renew is with the same key, to be safe.

Dan.
0
 

Author Comment

by:Member_2_7968927
ID: 41797636
Hi Dan, I've tried renewing it and I get an error: "the permissions on the certificate template fo not allow the current user to enrol for this type of certificate. you do not have permission to view this type of certificate".

I'm logged in as the domain\administrator and I've tried viewing the template for "Code Signing" but everything is greyed out.. on the security tab domain\admins have "Full Control"

Any other ideas?

Thanks
0
 
LVL 28

Accepted Solution

by:
Dan McFadden earned 2000 total points
ID: 41797669
You need to adjust the permissions on the Code Signing certificate template.  Below is an article on how to modify a certificate template, just do this for the Code Signing.  The article uses the Web Server certificate in its example.

Link:  https://technet.microsoft.com/en-us/library/ee649249(v=ws.10).aspx

Also discussed here on EE.

Link:  https://www.experts-exchange.com/questions/26248590/you-do-not-have-permission-to-request-this-type-of-certificate.html

Dan
0
 

Author Closing Comment

by:Member_2_7968927
ID: 41798127
Thanks for your help Dan.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine a situation that you have installed SSL (http://en.wikipedia.org/wiki/Secure_Sockets_Layer) Certificate on your Cisco ASA (Cisco Adaptive Security Appliance) firewall. Installation of SSL certificate on ASA is an another topic for which you …
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question