How Do I Create a Server 2003 Self-Signed Root Certificate?
Developers wishing to create applications using Transport Layer Security (TLS) require an X.509 certificate, but this certificate must be part of a chain of certificates that includes a root in the local certificate store of the server. For most production environments the organization provides the root certificate from a trusted certificate authority, but developers can make this work by creating two certificates that mimic the chain: a self-signed certificate that is placed in the Trusted Root Certification Authorities store, and a user certificate that is signed by the first and installed in either the Personal or Local Machine certificate store.
Instructions
1. Use makecert.exe to create the self-signed root authority certificate. On the server, open a command prompt and type the following command, where <CAMyName> is the name of the certificate file you would like to create:

    makecert -n "CN=<CAMyName>" -r -sv <CAMyName>.pvk <CAMyName>.cer

Makecert.exe will prompt you for a password, so provide a strong one to secure the private key.
2. Install the root certificate in the Trusted Root Certification Authorities store. Launch the Microsoft Management Console by clicking "Start" and typing "mmc.exe" in the run field. Click on "File" and "Add/Remove Snap-in...." Click "Certificates" and "Add." Click on the "Computer" radio button, "Finish" and "OK." Expand the "Certificates" tree and right-click on "Trusted Root Certificates." Choose "All Tasks" and "Import." Browse to the location of the <CAMyName>.cer file created earlier and click "OK."
3. Generate a new certificate signed by the root authority certificate. In the command prompt window, type the following command, where <NewUserCert> is the name of the new certificate you will use and which will be signed by the self-signed root certificate <CAMyName>:

    makecert -sk <NewUserCert> -iv <CAMyName>.pvk -n "CN=<NewUserCert>" -ic <CAMyName>.cer <NewUserCert>.cer -sr currentuser -ss my
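
A check for the result of steps 1 to 3, as an added example that is not part of the original article: the PowerShell script below confirms that the root is in the computer's Trusted Root Certification Authorities store and that the new certificate in the current user's Personal store chains to it. It assumes PowerShell is installed on the server; CAMyName and NewUserCert are placeholders for the names chosen in the makecert commands.

```powershell
# Added example: confirm the chain produced by steps 1-3.
# Assumed placeholders: replace with the names used in the makecert commands.
$rootSubject = 'CN=CAMyName'
$leafSubject = 'CN=NewUserCert'

# Step 2: the root must sit in the computer's Trusted Root Certification Authorities store.
$roots = @(Get-ChildItem Cert:\LocalMachine\Root |
           Where-Object { $_.Subject -eq $rootSubject })
if ($roots.Count -eq 0) { throw "No '$rootSubject' in LocalMachine\Root; repeat step 2." }
foreach ($r in $roots) {
    # makecert -r produces a certificate whose issuer equals its subject.
    if ($r.Issuer -ne $r.Subject) { Write-Warning "$($r.Thumbprint) is not self-signed." }
}

# Step 3: -sr currentuser -ss my places the new certificate in the user's Personal store.
$leaves = @(Get-ChildItem Cert:\CurrentUser\My |
            Where-Object { $_.Subject -eq $leafSubject })
if ($leaves.Count -eq 0) { throw "No '$leafSubject' in CurrentUser\My; repeat step 3." }
$leaf = $leaves[0]
if (-not $leaf.HasPrivateKey) { Write-Warning 'Certificate has no private key; TLS cannot use it.' }

# Build the chain. Certificates made with the commands above carry no CRL
# distribution point, so revocation checking is turned off to keep an
# "unknown revocation" status from masking the trust result.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode = 'NoCheck'
$trusted = $chain.Build($leaf)

# The last chain element is the anchor; it must be the root installed in step 2.
$top = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate
$anchored = @($roots | Where-Object { $_.Thumbprint -eq $top.Thumbprint }).Count -gt 0

if ($trusted -and $anchored) {
    "OK: $($leaf.Subject) chains to $($top.Subject) [$($top.Thumbprint)]"
} else {
    "FAILED: chain ends at $($top.Subject)"
    $chain.ChainStatus | ForEach-Object { "  $($_.Status): $($_.StatusInformation.Trim())" }
}
```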