Tuesday, November 25, 2014

SSL Certificate Private Key Generation

Good day All,

The team was working on a requirement to set up an SSL certificate for a website. As this website has to pass through an ISA load balancer, we needed the same web server certificate to be exported along with its private key and imported into the ISA Server.

There are many articles out there on how to request a certificate, so I won't go over that. We received the certificate, and when we double-clicked it we saw that there was no private key attached.



Usually, when we send a cer file to the Certificate Authority (CA), we add a comment asking them to send the certificate back with the private key enabled, but that depends on the CA, and we do get certificates back with our private key.

So how do we enable the private key? There are a lot of articles out there saying we can use the "Serial Number" property, but that never worked for us, so we always used the Thumbprint.

Copy the thumbprint with Ctrl+C and execute the following command in a CMD window.

certutil -repairstore my "0e a9 88 d4 6d 04 38 fd dd 38 39 e0 2a d5 1a da 62 dd a1 39"






Now we see the private key enabled. A couple of takeaways and points to remember:

  1. Always run the Certutil command on the server where the CSR was generated; if not, I have seen a command unsuccessful error.
  2. Always make sure that, before you run the above command, the certificate is healthy, with both root and intermediate certificates already installed on the server.
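
The two takeaways above can be checked before and after the repair with a short script. This is an added example, not part of the original post; it assumes the certificate sits in the LocalMachine\My store and an elevated session, and the parameter and helper names are made up for illustration.

```powershell
# Added example: verify the preconditions, run the repair, confirm the result.
# Run in an elevated PowerShell session on the server that generated the CSR.
param(
    # Thumbprint as copied from the certificate's Details tab (value from the post).
    [string]$Thumbprint = '0e a9 88 d4 6d 04 38 fd dd 38 39 e0 2a d5 1a da 62 dd a1 39'
)

# Strip spaces and any invisible characters picked up when copying from the dialog.
$tp = ($Thumbprint -replace '[^0-9a-fA-F]', '').ToUpperInvariant()
if ($tp.Length -ne 40) { throw "Expected a 40-hex-digit SHA-1 thumbprint, got $($tp.Length) digits." }

# Hypothetical helper: re-read from the store so HasPrivateKey reflects the current state.
function Get-MachineCert([string]$tp) {
    Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object { $_.Thumbprint -eq $tp }
}

$cert = Get-MachineCert $tp
if (-not $cert) { throw "Certificate $tp is not in LocalMachine\My; import the .cer first." }

# Takeaway 2: the chain must build to an installed root before repairing.
# Assumption: revocation is not checked, only that the chain certificates are installed.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
if (-not $chain.Build($cert)) {
    $chain.ChainStatus | ForEach-Object { Write-Warning "$($_.Status): $($_.StatusInformation.Trim())" }
    throw 'Chain is not healthy; install the root and intermediate certificates first.'
}

if ($cert.HasPrivateKey) {
    Write-Output 'Private key is already associated; nothing to repair.'
    return
}

# The command from the post; it only succeeds where the key pair was generated (takeaway 1).
& certutil.exe -repairstore my $tp
if ($LASTEXITCODE -ne 0) { throw "certutil -repairstore failed with exit code $LASTEXITCODE." }

if ((Get-MachineCert $tp).HasPrivateKey) {
    Write-Output 'Private key is now associated with the certificate.'
} else {
    throw 'certutil reported success but the certificate still has no private key.'
}
```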


Hope this helps someone!!!
