3.4.1. Create certificates on the customer side
3.4.1.3. Manual certificate application (without template)
Prev  Next
3.4.1.3. Manual certificate application (without template)

The manual certificate request can also be performed without template.

[Note]Note

If the customer has provided a template for a webserver cert, the variant with the template should be used; if not, you have to go through the complete manual request generation what is described in the following.

  1. Call up "certlm ":

    1. Via Windows Start menu -> Manage computer certificates

    2. Via PARTadmin -> category Application Server -> AppServer service [AppServer Service] -> tab page Port configuration -> SSL -> certlm.msc

    Manage computer certificates

    Manage computer certificates

    certlm.msc

    certlm.msc

  2. In certlm [Certificates - Local Computer] under My Certificates -> Certificates under All Tasks -> Advanced Tasks, click Create Custom Request....

    Create Custom Request...

    Create Custom Request...

    -> The Certificate registration -> Preparation dialog opens.

  3. Click Next.

    Before You Begin

    Before You Begin

  4. Select the Custom request option (if available) and click Next.

    Select Certificate Enrollment Policy

    Select Certificate Enrollment Policy

  5. Select " (No template) CNG key " in the list field under Template.

    Under Request format, select the option PKCS #10.

    Custom request

    Custom request

  6. Click Next.

    -> The Certificate registration -> Certificate information dialog opens.

  7. Click on the Properties button.

    Certificate Information

    Certificate Information

    -> The Certificate properties dialog opens.

  8. Enter appropriate information as under Section 3.4.1.2, “Manual certificate application (with template) ”.

  9. Close the Certificate properties dialog by clicking OK.

    -> The Certificate Registration -> Certificate Information dialog appears again.

    Certificate Information

    Certificate Information

  10. Click Next.

    -> The dialog Where do you want to save the offline request? is displayed.

    Specify the file name of the certificate request to be generated and click Finish.

    Where do you want to save the offline request?

    Where do you want to save the offline request?

  11. Now send the file servercert.req to the administration so that they can sign the request with the company CA.

    You will get back a signed certificate as *.crt file.

  12. Import the certificate back into the local store under My certificates > Certificates (as admin).

    To do this, select the certificate, open the context menu and click on Install certificate or in certlm under My certificates > Certificates on the context menu command All tasks > Import.

    Install Certificate

    Install Certificate

    Import...

    Import...

    After importing the certificate, the Certificate Information dialog should display "You have a private key for this certificate".

    Certificate Information

    Certificate Information

Now everything works automatically.

Prev Up Next
3.4.1.2. Manual certificate application (with template)  Home 3.4.2. Create a self-signed certificate