How do I obtain a Digital Certificate from my Certificate Authority (CA)?
This article will describe the 2 most popular methods for obtaining a Digital Certificate from your online Certificate Authority (or CA). I will not elaborate on the reasons for doing so, and if you feel uncomfortable about these issues I suggest you take a look at the related articles at the bottom of this page.
As stated above, there are 2 easy methods for obtaining a Digital Certificate from your online CA.
Digital Certificates can be granted to users based upon their roles and group membership. For example, a regular user that wants to enroll for a certificate will only be allowed to enroll for a specific set of Digital Certificates, while another user that is a member of the Domain Admins group will be allowed to enroll for a different set of certificates that can be used for a variety of functions, including Recovery Agents, IPSec, SSL and so on.
User Digital Certificates are valid for different purposes, including:
In this method a user will need to open a custom MMC and enroll by use of the MMC GUI.
In order to obtain a Digital Certificate by use of a custom MMC please perform the following steps:
Note: There may be a Certificate folder under the Personal folder. Ignore it for now.
Note: Depending on the groups your user account belongs to, you might also see other certificate types. Ignore them for now.
Lamer note: Use your own name… duh…
Click Next.
You now have a new Digital Certificate. You can view it by going to the Certificates – Current User > Personal > Certificates folder within the current MMC window. Double-click on the new certificate and inspect the information found in it.
In this method a user will need to open his or her web browser and surf to a given URL – that in fact is the URL for the online CA.
In order to obtain a Digital Certificate by use of a a web browser please perform the following steps:
http://server_name/certsrv
where server_name is the FQDN or the IP of the server that is hosting the CA.
Click Submit.
You now have a new Digital Certificate. You can view it by going to the Tools > Internet Options > Content tab within the current Internet Explorer window. Click on the Certificates button. Look for the new certificate in the Personal tab, double-click on it and inspect the information found within.
You can also choose to export your new certificate by selecting the certificate and pressing the Export button.
You might also want to read the following related articles: