This Blog Is Not Updated Any More.

Check out my new blog on Medium:

Topics: Identity and Access Management, Blockchain, Ethereum, Bitcoin, Security, PSD2, GDPR

Monday, November 10, 2008

Buliding your own CA infrastructure with Windows 2003

This post explains how you can build your own Certfication Authority[CA] with Windows 2003.

I have explained the same in my previous post - but with OpenSSL.

1. First make sure that you have installed Certificate Services.

2. Select stand-alone root CA.

3. Set private/public key pair for the CA.

4. Set certificate database settings.

5. Done. Your CA is ready to issue certificates.

Let's create private/public key pair for any server and generate a certificate signing request [CSR] for it.
[SAMPLE]\>keytool -genkey -alias wso2wsas -keyalg RSA -keystore wso2wsas.jks

[SAMPLE]\>keytool -certreq -keystore wso2wsas.jks -alias wso2wsas -file wso2wsas.cert.req
The above will generate the CSR - wso2wsas.cert.req, which we can submit to the CA which we just created, to get it signed.

1. Go to Control Panel --> Certification Authority.

2. Right click on WSO2CA --> All Tasks --> Submit New Request --> Submit the file wso2wsas.cert.req.

3. Now, you'll find the submitted request under, 'Pending Requests'.

4. Righ click on it --> All Tasks --> Issue.

You'll find the signed certificate under 'Issued Certificates'.