This post explains how you can build your own Certfication Authority[CA] with Windows 2003.
I have explained the same in my previous post - but with OpenSSL.
First make sure that you have installed Certificate Services.
Select stand-alone root CA.
Set private/public key pair for the CA.
Set certificate database settings.
Done. Your CA is ready to issue certificates.
Let's create private/public key pair for any server and generate a certificate signing request [CSR] for it.
The above will generate the CSR - wso2wsas.cert.req, which we can submit to the CA which we just created, to get it signed.
[SAMPLE]\>keytool -genkey -alias wso2wsas -keyalg RSA -keystore wso2wsas.jks
[SAMPLE]\>keytool -certreq -keystore wso2wsas.jks -alias wso2wsas -file wso2wsas.cert.req
Go to Control Panel --> Certification Authority.
Right click on WSO2CA --> All Tasks --> Submit New Request --> Submit the file wso2wsas.cert.req.
Now, you'll find the submitted request under, 'Pending Requests'.
Righ click on it --> All Tasks --> Issue.
You'll find the signed certificate under 'Issued Certificates'.
0 comments:
Post a Comment