Requesting a Web Server Certificate

Requesting a new certificate varies depending on your company policies. This document describes how to request a new web certificate if using an Active Directory Enrollment Policy.

To request a web server certificate:

1. Open the local machine certificate snap-in by entering the command: certlm.msc.

2. Expand the Personal folder and right-click the Certificates folder. In the context menu, select All Tasks - Request New Certificate...

3. In the "Certificate Enrollment" wizard, at the "Before You Begin" screen, click Next.

4. At the "Select Certificate Enrollment Policy" screen, select Active Directory Enrollment Policy and then click Next.

5. At the "Request Certificates" screen, select the web server certificate template, and click the link More information is required to enroll for this certificate. Click here to configure settings.

6. At the "Certificates Properties" screen, in the "Alternative name" section, use the Type drop-down and select DNS. In the Value field, enter the FQDN of the StifleR server in which the certificate will be installed. You can also add additional values for DNS (CNAME) Aliases. Click OK to save the settings.

7. Once complete, click Enroll and then click Finish to close the wizard.

8. You should see the certificate in the certificates store. Double-click the certificate and click the Details tab.

9. Scroll down and select the Subject Alternative Name field, in the value box, you should see the DNS Name you entered earlier.

10. Select the Thumbprint field. In the value box, you should see the certificate thumbprint. This can be copied by using the hotkeys CTRL-C. It is important to capture this value to add to the StifleR Config file when implementing HTTPS in StifleR.