Did you know: Configure Client Certificate Mapping in FTP 7.5 - Part 2

by Vivek 3/3/2010 9:02:00 AM

This is Part 2 of our series on implementing Client Certificate mapping in FTP 7.5. Today we will Install Server Certificate on IIS.

In Part 1, I gave you a brief background of the environment we will be working on in our scenario.

Issue Server Certificate

  1. Click on the computer name in IIS Manager and double click on Server Certificates

  2. Click on Create Certificate Request…

  3. Fill in the textboxes as per your requirement.

  4. Let the Cryptographic service provider be as default

  5. Select a location to save the certificate request

  6. Click Finish
  7. Send this file across to your CA to provide a response; in our case we will generate the response by accessing the local CA website.
  8. Access the CA, by typing https://server1/certsrv in Internet Explorer
  9. Click on Request Certificate
  10. Click on advanced certificate request
  11. Click on Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.
  12. Open the certreq.txt, we generated in Step 5 and select the text from the line below ---BEGIN NEW CERTIFICATE REQUEST---- till ----END NEW CERTIFICATE REQUEST---- and copy it.

  13. Paste the text in Saved Request
  14. Under Certificate Template: select Web Server and click Submit
  15. Click Yes in the Web Access Confirmation prompt (if it appears)
  16. Select Base 64 encoded and click on Download certificate and Download certificate chain and save them.
  17. You should have 2 files, one certnew.cer and certnew.p7b
  18. Open IIS Manager, click on computer name and double click Server Certificate
  19. Click Complete Certificate Request…

  20. Select certnew.cer we saved earlier, click OK

  21. We now have Server Certificate installed on IIS

  22. You should also install the Certificate Chain, as your CA will not be in the Trusted Root CA list.

Next, we will create FTP site and enable Client Certificate on FTP. Stay tuned…

Hope this helps,
Vivek Kumbhar

Quote of the day:
If there's anything unsettling to the stomach, it's watching actors on television talk about their personal lives. - Marlon Brando

Tags: , , ,

Did you know | IIS | Tips and Tricks | Web Server

blog comments powered by Disqus