Did you know: Configure Client Certificate Mapping in FTP 7.5 - Part 2

by Vivek 3/3/2010 9:02:00 AM

This is Part 2 of our series on implementing Client Certificate mapping in FTP 7.5. Today we will Install Server Certificate on IIS.

In Part 1, I gave you a brief background of the environment we will be working on in our scenario.

Issue Server Certificate

  1. Click on the computer name in IIS Manager and double click on Server Certificates

    image007_thumb 
  2. Click on Create Certificate Request…

    image008_thumb
  3. Fill in the textboxes as per your requirement.

    image009_thumb
  4. Let the Cryptographic service provider be as default

    image010_thumb
  5. Select a location to save the certificate request

    image011_thumb
  6. Click Finish
  7. Send this file across to your CA to provide a response; in our case we will generate the response by accessing the local CA website.
  8. Access the CA, by typing https://server1/certsrv in Internet Explorer
  9. Click on Request Certificate
  10. Click on advanced certificate request
  11. Click on Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.
  12. Open the certreq.txt, we generated in Step 5 and select the text from the line below ---BEGIN NEW CERTIFICATE REQUEST---- till ----END NEW CERTIFICATE REQUEST---- and copy it.

    image012_thumb 
  13. Paste the text in Saved Request
  14. Under Certificate Template: select Web Server and click Submit
  15. Click Yes in the Web Access Confirmation prompt (if it appears)
  16. Select Base 64 encoded and click on Download certificate and Download certificate chain and save them.
  17. You should have 2 files, one certnew.cer and certnew.p7b
  18. Open IIS Manager, click on computer name and double click Server Certificate
  19. Click Complete Certificate Request…

    image013_thumb
  20. Select certnew.cer we saved earlier, click OK

    image014_thumb
  21. We now have Server Certificate installed on IIS

    image015_thumb
  22. You should also install the Certificate Chain, as your CA will not be in the Trusted Root CA list.

Next, we will create FTP site and enable Client Certificate on FTP. Stay tuned…

Hope this helps,
Vivek Kumbhar


Quote of the day:
If there's anything unsettling to the stomach, it's watching actors on television talk about their personal lives. - Marlon Brando

Tags: , , , , , ,

Did you know | FTPS | IIS 7 | Step By Step

blog comments powered by Disqus

Who is Rahul?

Rahul

He works for Microsoft and likes Software & Gadgets!

He shares some interesting notes here while working with stuff that excites him.

Disclaimer

The opinions expressed herein are our own personal opinions and do not represent our employer's view in any way.
© Copyright 2014, Rahul Soni