Creating a Certificate Using the Microsoft CA server

The Microsoft CA server provides a standard internet browser interface for the creation of certificates.

NOTE   Before starting the following procedure, ensure that the current logged on user has Windows administrator privileges and has a valid keyset.

To create a certificate using MS CA server

1.Start the MS CA services interface by opening your web browser and specifying the Microsoft CA server URL. For example:

http://hostname/certsrv

The opening dialog for CA services appears.

2.Select the Request a certificate option and press Next to continue. You are prompted to select the request type.

3.Choose, Advanced request and press Next to continue. You will be presented with the Advanced Certificate Requests screen.

4.Select Submit a certificate request to this CA using a form, and press Next to continue. You will be presented with a form to input the certificate details.

5.Enter the details for the certificate into the fields provided:

a.Certificate Name: enter the host machine's name. This can be found by executing the standard Windows command hostname from a command prompt.

b.Intended Purpose: choose Server Authentication Certificate.

c.Key Options: choose SafeNet RSA SChannel Cryptographic Provider as the CSP

d.Key Usage: choose Exchange

e.Key Size: enter as required, eg. “1024”

f. select Create new key set

g. if you want to be able to back up the keys associated with the certificate at a later date, choose Mark keys as exportable

h. choose Use local machine store

i.Additional Options: choose Hash Algorithm, e.g. “MD5”

NOTE   If the current logged-on user’s keyset does not exist when the Safenet CSP is selected, the Hash Algorithm list box at the bottom of the screen will be empty. Should this be the case, abort this operation and create a keyset for the currently logged-on user before attempting this task again.

6.Press the Submit button when you have confirmed your inputs. If the Microsoft CA was configured to “Auto Issue” certificates, you are presented with the Certificate Issued dialog.

Click Install this certificate to complete the certificate request and installation.

If CA Services is not configured to auto-issue certificates, the dialog will state that your certificate request is pending. You will have to check on the status of the certificate using the CA services at a later time. When the certificate is ready, you are presented with the Certificate Issued dialog.


Customer Support Portal

SafeNet ProtectToolkit 5.7 Product Documentation  08 January 2020  Copyright 2009-2020 Gemalto. All rights reserved.