• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Server 2008 Certificate Signing Request

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exchange 2000 // 2003 // 2007 & Active Directory

View previous topic :: View next topic  
Author Message
vrabuffo
Just Arrived
Just Arrived


Joined: 14 Dec 2010
Posts: 0


Offline

PostPosted: Tue Dec 14, 2010 4:37 pm    Post subject: Server 2008 Certificate Signing Request Reply with quote

A quick question---Can a server 2003 CA sign a Server 2008 CSR.

We have a 2003 AD domain with the domain controller being the Certificate Authority. I created a CSR on a 2008 domain member using IIS.

When trying to sign the request I recieved an error--The request contains no certificate template information" I used the certreq command to finally sign it designating the "WebServer" template but not sure if thats correct.

Any feedback would be appreciated.
Back to top
View user's profile Send private message
Fire Ant
Trusted SF Member
Trusted SF Member


Joined: 27 Jun 2008
Posts: 3
Location: London

Offline

PostPosted: Wed Dec 15, 2010 1:10 pm    Post subject: Reply with quote

vrabuffo,

On the 2003 CA Server there is a web portal for Registration Authority (RA). Upload the CSR to the RA in IIS and then the CSR will appear as an item requested certificate in the CA snap-in. Right click and sign the request.

Voila.

Fire Ant
Back to top
View user's profile Send private message
vrabuffo
Just Arrived
Just Arrived


Joined: 14 Dec 2010
Posts: 0


Offline

PostPosted: Wed Dec 15, 2010 3:59 pm    Post subject: A quick question---Can a server 2003 CA sign a Server 2008 C Reply with quote

Thank you, that did work to create the certificate but now I receive an error---The security certificate presented by this server was issued for a different server address.

This error appears when I use the https address via online plugin to connect to our new xenapp6 server.
Back to top
View user's profile Send private message
Fire Ant
Trusted SF Member
Trusted SF Member


Joined: 27 Jun 2008
Posts: 3
Location: London

Offline

PostPosted: Thu Dec 16, 2010 12:38 pm    Post subject: Reply with quote

I suspect this is an issue with the CN field in the Distinguished Name attribute.

For example:
Your cert has the following: CN=myserver.com

You connect to www.myserver.com, both addresses resolve to the same IP. The browser will compare the address you typed to that in the CN and if they don't match then non-fatal error!

To fix the problem you need to either connect to the address in the CN or create a cert with a CN to the address which you app is connection to.

Fire Ant
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exchange 2000 // 2003 // 2007 & Active Directory All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Looking for more Windows Networking info?

Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing!
View a sample newsletter.

Become a WindowsNetworking.com member!

Discuss your Windows Networking issues with thousands of other Windows Newtorking experts. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred data recovery solution?

Follow TechGenix on Twitter