After opening Windows Wordpad, open the rui.csr file that was generated by OpenSSL.
When the "rui.csr" file is opened in WordPad, a block of text that begins with "-----BEGIN CERTIFICATE REQUEST-----" and ends with "-----END CERTIFICATE REQUEST-----" is displayed. From the File Menu, click "Edit -> Select All" to select the entire content of the "rui.csr" file.
Copy the contents of the rui.csr file to the clipboard by clicking on Edit -> Copy (or simply press CTRL+C).
In the examples referenced in this article, Microsoft Certificate Services is installed on the same Windows Server as OpenSSL. Our server is called LABSSL01.uk.labs.virtualvcp.com. However it is not a requirement that Microsoft Certificate Services and OpenSSL is installed on the same server.
Open a new browser window and navigate to the Microsoft Certificate Services URL. As Microsoft Certificate Services is installed on the same host as where the browser is running, the URL referenced is http://localhost/certsrv. However, if the Microsoft Certificate Services server is not on the same host, the URL should contain: http://<ca-hostname-or-ip-address>/certsrv
The Microsoft Certificate Services Welcome page is displayed. Under Select a task click on "Request a certificate".
At the next page, click “advanced certificate request”
Click "Submit a certificate request by using a base-64-encoded CMC or PKCS#10 file, or submit a renewal request by using a base-64-encoded PKCS#7 file."
At the next page, right click in the Saved Request field and click “Paste”. This will paste the Certificate Request text that was copied to the clipboard, into the Saved Request field
To submit the new SSL Certificate Request to the Certificate Authority, click the "Submit" button.
The next page will confirm that the certificate request has been received.
Now that the new certificate request has been submitted to the CA, we need to sign the certificate.
To issue and sign the new certificate request, open the Microsoft Certification Authority Management Console: Start -> Run -> certsrv.msc -> OK
The Certification Management Console opens. From the left pane, click “Pending Requests”. The new certificate request is displayed in the right pane
To issue the new SSL certificate, right click on the pending certificate request, select “All Tasks” and click on “Issue”.
Open a new browser window and again navigate to the Microsoft Certificate Services URL. At the Welcome page, click “View the status of a pending certificate request”
Select the Saved Request Certificate from the list
At the Certificate Issues page, select “Base 64 Encoded” then click “Download certificate”
The File Download Dialog opens. Click “Save”
Using the Save As dialog, navigate to the “C:\OpenSSL-Win32\bin” folder. Under the “Save as type” drop down menu, select “All files”. At the “File name” field, enter “rui.crt”. Click Save
Now that we have a new SSL Certificate, continue to Step 4: Create a new PFX-Formatted Certificate
Comments (0)