This guide describes the process of creating a custom CSR
Checklist
The checklist is a tool to ensure you remember to perform all steps in the how-to article. It provides an overview with the option to drill down into the how-to guide. If possible make the checklist chronological.
- Ensure you have the requested URLs
- Ensure the customer has completed the DNS registrations for the desired URLs
- Ensure you have the customers legal company information including: Organisation/Company name, Organisational Unit/Department, street, city, state/Locality and Country
- Created the CSR
- Send the CSR to the customer
Things to be aware of!
How-to guide:
Logon to the server over RDP
Open an Microsoft Management Console, by clicking on the start button and typing MMC
Once the MMC is open, click File>Add/Remove Snap-in
Then select Certificates and click Add and then click OK
Now select Computer account and click Next
Ensure Local computer is selected and click Finish
Click OK, now expand Certificates (Local Computer)
Expand Personal Right click Certificates, select All Tasks, Select Advanced Operations and select Create Custom Request
In the Certificat Enrollment box, click Next
In the Select Certificate Enrollment Policy box, click Next
In the Custom request box, click Next
In the Certificate Enrollment box, click on the drop down arrow next to Details
Click Properties
In the Certificate Properties on the General tab Input a Friendly Name a Description is Optional and click Apply
On the Subject tab this where you add the Common Name, Organisation, Organisational Unit, Street, City and Country. These are all found under Subject name.
It will look something like this
Under Alternative name is where you can add additional URLs eg Media Manager, Office Connector and Adobe Connector, all can be served by a single certificate knows as a SAN. You achive this by selecting DNS under Alternative name, typing the URL and clicking Add.
Click Apply and then select the Private Key tab
Under Cryptographic Service Provider, ensure RSA, Microsoft Software Key Storage Provider, is selected
Under Key options ensure 2048 is selected (Note if you are including URLs for a Test environment, ensure Make private key exportable is also selected)
Under Select Hash Algorithm select sha256 and click Apply and OK
Back at the Certificate Information box click Next
On the Certificate Enrollment box, click on browse to your desired folder location, Give the CSR a Name and click Save, then click Finish
Close the MMC console and send the CSR to the customer
Your contribution is important
Help us improve - together!
If you’d like to provide any feedback or suggested improvements to this guide, please feel free to leave a comment and the author will be notified.
Thank you.