Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

This guide describes the process of creating a custom CSR

Checklist

The checklist is a tool to ensure you remember to perform all steps in the how-to article. It provides an overview with the option to drill down into the how-to guide. If possible make the checklist chronological.

  • Ensure you have the requested URLs
  • Ensure the customer has completed the DNS registrations for the desired URLs
  • Ensure you have the customers legal company information including: Organisation/Company name, Organisational Unit/Department, street, city, state/Locality and Country
  • Created the CSR
  • Send the CSR to the customer


Things to be aware of!


How-to guide:

  • Logon to the server over RDP

  • Open an Microsoft Management Console, by clicking on the start button and typing MMC

  • Once the MMC is open, click File>Add/Remove Snap-in

  • Then select Certificates and click Add and then click OK

  • Now select Computer account and click Next

  • Ensure Local computer is selected and click Finish

  • Click OK, now expand Certificates (Local Computer)

  • Expand Personal Right click Certificates, select All Tasks, Select Advanced Operations and select Create Custom Request

  • In the Certificat Enrollment box, click Next

  • In the Select Certificate Enrollment Policy box, click Next

  • In the Custom request box, click Next

  • In the Certificate Enrollment box, click on the drop down arrow next to Details

  • Click Properties

  • In the Certificate Properties on the General tab Input a Friendly Name a Description is Optional and click Apply

  • On the Subject tab this where you add the Common Name, Organisation, Organisational Unit, Street, City and Country. These are all found under Subject name.

  • It will look something like this

  • Under Alternative name is where you can add additional URLs eg Media Manager, Office Connector and Adobe Connector, all can be served by a single certificate knows as a SAN. You achive this by selecting DNS under Alternative name, typing the URL and clicking Add.

  • Click Apply and then select the Private Key tab

  • Under Cryptographic Service Provider, ensure RSA, Microsoft Software Key Storage Provider, is selected

  • Under Key options ensure 2048 is selected (Note if you are including URLs for a Test environment, ensure Make private key exportable is also selected)

  • Under Select Hash Algorithm select sha256 and click Apply and OK

  • Back at the Certificate Information box click Next

  • On the Certificate Enrollment box, click on browse to your desired folder location, Give the CSR a Name and click Save, then click Finish

  • Close the MMC console and send the CSR to the customer


Your contribution is important

Help us improve - together!

If you’d like to provide any feedback or suggested improvements to this guide, please feel free to leave a comment and the author will be notified.

Thank you.

  • No labels