How do I issue SSL Certificate?

How do I issue SSL Certificate?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
How do I issue SSL Certificate? David Sharman 09-11-2006
Posted by David Sharman on September 11, 2006, 12:04 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I require a digital signature and private key for uploading onto a
router/gateway in order to provide ssl connectivity for the web interface of
the gateway through which users will log on to gain access to the Internet.

The digital signature has to have a "CRT" extension and the private key
requires a "KEY" extension. I have been informed by the manufacturer that I
need a Base64 encoded digital certificate, do I need any other information
in order to create a valid digital certificate for use on the gateway?

How can I do this using Windows Server 2003 SP1? Also, should I select Stand
Alone CA or Enterprise CA when installing Digital Services on the Server
itself?

Users of the gateway will log on the gateway from a public LAN and the
gateway will verify log on details via RADIUS using the Windows 2003 Server
on a Private Network.

Thank you for your assistance

David Sharman
Regional Computer Services



Posted by S. Pidgorny on September 11, 2006, 4:50 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Interesting. The thing is that .key/.crt aren't describing general
convention on encoding cryptomaterial. The gateway vendor name/device model
would help.

I assume that the key/cert files are those in OpenSSL sense. I generally
recommend OpenSSL as the conversion tool of choice.

You start with enrolling and export it into a PKCS #12 (.p12/.pfx) file.
Details for that, for example, please find at
http://www.microsoft.com/technet/prodtechnol/windows2000serv/deploy/confeat/advcert.mspx

Then you use OpensSSL for conversions. The commandlines would be something
like this:

openssl pkcs12 -clcerts -nokeys -in mypersonalkey.p12 -out mypersonalkey.crt
openssl pkcs12 -clcerts -nocerts -in mypersonalkey.p12 -out
mypersonalkey.key

(copy/paste from
http://support.globalsign.net/en/serversign/apachemodssl.cfm)

You can get OpenSSL binaries for Windows here:
http://www.slproweb.com/products/Win32OpenSSL.html

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-


>I require a digital signature and private key for uploading onto a
> router/gateway in order to provide ssl connectivity for the web interface
> of
> the gateway through which users will log on to gain access to the
> Internet.
>
> The digital signature has to have a "CRT" extension and the private key
> requires a "KEY" extension. I have been informed by the manufacturer that
> I
> need a Base64 encoded digital certificate, do I need any other information
> in order to create a valid digital certificate for use on the gateway?
>
> How can I do this using Windows Server 2003 SP1? Also, should I select
> Stand
> Alone CA or Enterprise CA when installing Digital Services on the Server
> itself?
>
> Users of the gateway will log on the gateway from a public LAN and the
> gateway will verify log on details via RADIUS using the Windows 2003
> Server
> on a Private Network.
>
> Thank you for your assistance
>
> David Sharman
> Regional Computer Services
>
>



Similar ThreadsPosted
how to issue certificates based on the content of certificate request January 25, 2008, 5:28 pm
Issue with enterprise internal Authenticode code signing certificate More options April 3, 2007, 8:41 am
"No Certificate Templates Could Be Found" Error Message When User Requests Certificate from CA Web Enrollment Pages September 21, 2006, 1:33 pm
EFS Issue March 24, 2008, 3:20 pm
PKI S/MIME issue July 26, 2005, 2:20 pm
IE URL Security issue maybe? October 5, 2005, 9:03 pm
SMB Issue with new server? October 13, 2005, 11:09 am
I need help with a rights issue March 14, 2006, 3:49 pm
SCW transform issue April 27, 2006, 5:47 pm
Security issue June 7, 2006, 2:30 pm

The site map in XML format XML site map

Contact Us | Privacy Policy