Tuesday, June 19, 2012

Lync Reverse Proxy Certificate

Creating a certificate request with the old certreq command line is a pain. When you need to add several SANs (subject alternative names) to the request, the process gets much more convoluted. Here is the way I have done it in the past with a GUI:

1.) Open up an admin MMC console.
2.) Add the local computer "Certificates" snap-in.
3.) Under Personal, right-click on Certificates and click "Create Custom Request".


4.) Click Next, then choose "Proceed without enrollment policy".
5.) Accept the defaults and click Next again.
6.) Click Details on the custom request and click Properties. This is where you will add the certificate details.
7.) The friendly name will be what shows up for tracking.
8.) On the Private Key tab, under Key options, make sure to change the key size to 2048 and make the private key exportable.

9.) On the Subject tab you will need to add the required information. The SANs are of type DNS and are added under Alternative name.

10.) Once done, you can create the request and send it off to a public certificate company.
11.) When you receive the certificate back, make sure you import it into the machine you requested it from. You can then export it with the private key so it can be imported into the ISA 2006 or TMG server. The certificate will be invalid if the private key is not kept.
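
For repeat requests, the settings chosen in the steps above (2048-bit exportable key, DNS-type SANs) can also be scripted with certreq and then checked before the request leaves the machine. This is an added example, not part of the original post. The host names and file names are constructed placeholders, the script assumes an elevated prompt, and the checks assume English-language certutil output.

```powershell
# Constructed sample names; replace with the FQDNs the reverse proxy publishes.
$subject = 'CN=lyncweb.example.com'
$sans    = 'lyncweb.example.com', 'meet.example.com', 'dialin.example.com'
$inf     = Join-Path $env:TEMP 'lync-rp.inf'   # hypothetical file names
$req     = Join-Path $env:TEMP 'lync-rp.req'

# One "_continue_" line per SAN; each entry is terminated with "&".
$sanLines = $sans | ForEach-Object { "_continue_ = `"dns=$_&`"" }

$infText = @"
[Version]
Signature = "`$Windows NT`$"

[NewRequest]
Subject = "$subject"
FriendlyName = "Lync Reverse Proxy"
KeyLength = 2048
Exportable = TRUE
MachineKeySet = TRUE
RequestType = PKCS10

[Extensions]
2.5.29.17 = "{text}"
$($sanLines -join "`r`n")
"@
Set-Content -Path $inf -Value $infText -Encoding ASCII

# Remove a stale request file so certreq does not stop to ask about overwriting.
Remove-Item $req -ErrorAction SilentlyContinue

# Generates the key pair in the local machine store and writes the CSR.
certreq.exe -new $inf $req
if ($LASTEXITCODE -ne 0) { throw "certreq failed with exit code $LASTEXITCODE" }

# Verify the CSR before sending it: key size and every SAN must be present.
$dump = (certutil.exe -dump $req) -join "`n"
if ($dump -notmatch 'Public Key Length:\s*2048') { throw 'Key is not 2048 bits' }
foreach ($name in $sans) {
    if ($dump -notmatch "DNS Name=$([regex]::Escape($name))") {
        throw "SAN missing from request: $name"
    }
}
"Request OK: $req"
```

When the issued certificate comes back, `certreq -accept` run on the same machine pairs it with the pending private key, which is the scripted counterpart of step 11.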
