Re: Use of a customized web server certificate template with IIS

From: Anette Andresen (anette_andresen_at_hotmail.com)
Date: 01/25/05 

Date: Tue, 25 Jan 2005 09:55:35 +0100

Thanks Mike! It worked perfectly :-)

Anette

"Miha Pihler [MVP]" <mihap-news@atlantis.si> wrote in message
news:%23rTkZBAAFHA.2180@TK2MSFTNGP12.phx.gbl...
> Hi Anette,
>
> I believe this would only apply if you selected "Send the Request
> Immediately to an Online CA" in Web Server Certificate Wizard.
>
> You still have an option to save the request to a file (you select
> "Prepare the Request Now, but send it later"). Whole process is described
> in Brian's book on page 389 and continues to page 393. In step 8 on page
> 392 you would select template that you prepared based on Web Server
> Certificate template...
>
> I hope this helps.
>
> --
> Mike
> Microsoft MVP - Windows Security
>
> "Anette Andresen" <anette_andresen@hotmail.com> wrote in message
> news:uBamXJ6$EHA.3416@TK2MSFTNGP09.phx.gbl...
>> Hi
>>
>>
>>
>> I am running an enterprise issuing CA in a Windows Server 2003 domain. A
>> web server with IIS (latest version) is also running in the domain. I
>> would like to issue a certificate to the IIS server based on a customized
>> web server certificate template (version 2 certificate template) from the
>> Issuing CA, and I wonder if this is possible and in that case how is it
>> done?
>>
>>
>>
>> In the PKI book from Brian Komar with the Microsoft PKI team it is said
>> (on page 385): "Although you can create a version 2 certificate template
>> based on the Web Server certificate template to enable modification of
>> application policies or certificate policies, this prevents use of the
>> Internet Information Services (IIS) Web Server Certificate Wizard. This
>> wizard, ., is hard-coded to use the Web Server certificate template
>> display name and does not allow use of a custom version 2 certificate
>> template."
>>
>>
>>
>> So this means that I will not be able to use the wizard at the IIS
>> server, but is there a way around this so that the IIS server's
>> certificate can be based on my own customized web server certificate
>> template? And if, how should it be done?
>>
>>
>>
>> Thanks!
>>
>>
>>
>> Anette
>>
>>
>
>

Relevant Pages

  • RE: Need assistance with Outlook over Internet config.
    ... I did not create a new web server certificate as there was an existing one. ... but you unable to get the RWW from external. ... Click the "Connect to the Internet" link. ...
    (microsoft.public.windows.server.sbs)
  • Re: Setup Certificates using CEICW
    ... public IP address (not your externally hosted web site). ... Ive been playing around with installs of SBS and its pretty clear for me ... Create A New Web Server Certificate ...
    (microsoft.public.windows.server.sbs)
  • Re: RWW ok intranet - doesnt work internet (SBS2003)
    ... When you run CEICW, under "Web Server Certificate", what are you using for ... the "Web Server Name"? ... a static IP and the A or MX records have been created, or the WAN IP address ... shouldn't have to worry about the SBS Basic firewall if you only have 1 NIC ...
    (microsoft.public.windows.server.sbs)
  • Re: exchange setup with static IP
    ... The Web Server certificate is the certificate required to configure SSL. ... You can buy one from a trusted authority or you can have SBS create one. ...
    (microsoft.public.windows.server.sbs)
  • Re: Jeez... how do I even start ????
    ... > When I would start IIS from the Administrative tools, ... > situation, with the same resolution as described in the msdn article, so ... A lot of these other posts also mentioned the ASPNET user. ... > the web server was running on this machine. ...
    (microsoft.public.dotnet.framework.aspnet)