asked on

DER-Encoded Cert for 2012 Server R2

Vendor application requires me to generate SSL Cerificate. The certificate utilized must be DER-encoded X.509
How do I generate this on a Server 2012 R2 ?
It must be created with following configuration,;
certificate file ext: .cer or .der , key algorithm : RSA; Signature algorithm: SHA256 with RSA
Key size: 2048 or higher; Enchanced key useage: Must NOT contain Client Authentication; Template : Web Server

Shaun Vermaak

You can do a self-signed DER-Encoded X.509 via IIS and with CERTUTIL.exe
https://technet.microsoft.com/en-us/library/ff710475(v=ws.10).aspx

arnold

You have to contact the vendor in question and get them to explicitly define the type and functions the certificate needs to have.
There are different types, a certificate that identifys the server, client, a function such as mail exchange, code signing, personal identifier.

The function and type are configuration of the file Shaun's link points to. Look at OpenSSL to setup/have a self-signed CA if you do not have a Windows based CA.

jim3725

ASKER

Thanks for link for instructions Shaun. I have followed these steps for exporting certificate. The certificate is located in Personal Certificates. The cert name is MedNet Is their anything else that is required? How do I implement this MedNet cert to be used for ssl ?

Shaun Vermaak

Check that it is used in IIS

jim3725

ASKER

Under Server Certificates, Do I have to complete Certificate Request? THe purpose of DER-encoded X.509 certificate is to be utilitzedf for ssl communication within the Server environment.

ASKER CERTIFIED SOLUTION

Shaun Vermaak

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial