Generating a certificate
The generation of a certificate with an autonomous CA takes place in several steps:
- Generation of the request (Certificate Signing Request).
- Submissions of the application to AC.
- Generation of the answer.
- Finalization of the request to obtain the certificate.
Generation of the CSR
There are several ways to generate a CSR, in this tutorial we will do it under IIS.
1. Open an IIS console and click Server Certificates 1 .
2. On the Actions menu, click Create Certificate Request 1 .
3. Complete the certificate information 1 and click Next 2 .
The common name is the URL of the certificate.
4. Configure the 1 encryption then click Next 2 .
5. Enter the request save location (CSR) 1 and click Finish 2 .
The CSR is now generated, if you have done it on an IIS server other than the CA, you must copy the file to it.
Soumissions de la demande à AC
1. From the Authority Administration Console, right-click on the authority 1 , All Tasks 2 and click on Submit a new request 3 .
2. Select the request file (CSR) 1 and click on Open 2 .
3. Go to the Pending Request file 1 to see the pending certificate 2 .
Deliver the certificate
1. Right click on request 1 and click on All tasks 2 / Deliver 3 .
2. Go to Certificates issued 1 and double-click on certificate 2 .
3. Go to the Details tab 1 and click on the button Copy to a file 2 .
4. When launching the wizard, click Next 1 .
5. Select export format 1 then click Next 2 .
6. Enter the location and file name 1 and click the Next 2 button.
7. Click Finish 1 to close the wizard.
8. Verify that the certificate is exported.
Finalizing the request to obtain the certificate
1. Go to the IIS / Certificates console where the request was made and click Finish Certificate Request … 1 .
2. Select the certificate generated by CA 1 , enter a name 2 and click OK 3 .
3. The certificate is available 1 .
It is now possible to export the certificate with its private key