Search the Petri IT Knowledgebase

The Unofficial M365 Changelog

Sponsors

Podcasts

Learning Center
search icon

close

Icon for Latest Whitepaper

Latest Whitepaper

Choosing an MFA Solution for Your Active Directory Environment? Ask These 15 Questions.
Icon for On-Demand Webinar

On-Demand Webinar

Combating Cyberattacks in 2022: Prepare to Defend Your Active Directory
Icon for Upcoming Conference

Upcoming Conference

GET-IT Microsoft Cloud Security and Compliance 1-Day Virtual Conference
Icon for Ebook

Ebook

The Forrester New Wave™: SaaS Application Data Protection, Q4 2021

Home

Security

Obtain a Digital Certificate from an Online Certificate Authority (CA)

Daniel Petri

 |

Jan 8, 2009

How do I obtain a Digital Certificate from my Certificate Authority (CA)?
This article will describe the 2 most popular methods for obtaining a Digital Certificate from your online Certificate Authority (or CA). I will not elaborate on the reasons for doing so, and if you feel uncomfortable about these issues I suggest you take a look at the related articles at the bottom of this page.

As stated above, there are 2 easy methods for obtaining a Digital Certificate from your online CA.
Digital Certificates can be granted to users based upon their roles and group membership. For example, a regular user that wants to enroll for a certificate will only be allowed to enroll for a specific set of Digital Certificates, while another user that is a member of the Domain Admins group will be allowed to enroll for a different set of certificates that can be used for a variety of functions, including Recovery Agents, IPSec, SSL and so on.
User Digital Certificates are valid for different purposes, including:

  • Allowing data on disk to be encrypted
  • Protecting e-mail messages
  • Proving the user’s identity to a remote computer

Method #1 – By using a custom MMC

In this method a user will need to open a custom MMC and enroll by use of the MMC GUI.
In order to obtain a Digital Certificate by use of a custom MMC please perform the following steps:

advertisment

  1. Go to the Start menu > Run > type MMC and press Enter.
  2. In the MMC window, go to the File menu and select Add/Remove Snap-In.
  3. In the Add/Remove Snap-In window press the Add button.
  4. Select Certificates from the available list of snap-ins and click Add.
  5. In the user attempting this action is a member of the Domain Admins or Administrative groups he or she will be presented with a Certificates Snap-In window, asking whether the certificate will be issued to the user account, the computer or a service running on the computer. We will choose My User Account. Click Finish.
  6. Expand Certificates – Current User > Personal.

Note: There may be a Certificate folder under the Personal folder. Ignore it for now.

  1. Right-click the Personal folder and select All Tasks > Request New Certificate.

  1. In the Certificate Request wizard click Next.

  1. In the Certificates Type select User.

Note: Depending on the groups your user account belongs to, you might also see other certificate types. Ignore them for now.

advertisment

  1. In the Friendly name type a name for the certificate, for example “Daniel’s User Certificate” or similar.

Lamer note: Use your own name… duh…

Click Next.

  1. In the final page of the wizard click Finish. If all went well (and there is no reason why it won’t) you’ll get a confirmation message. Acknowledge it.


You now have a new Digital Certificate. You can view it by going to the Certificates – Current User > Personal > Certificates folder within the current MMC window. Double-click on the new certificate and inspect the information found in it.


Method #2 – By using a web browser

In this method a user will need to open his or her web browser and surf to a given URL – that in fact is the URL for the online CA.
In order to obtain a Digital Certificate by use of a a web browser please perform the following steps:

  1. Open an Internet browser such as Internet Explorer, Opera or Firefox.
  2. In the address bar type the following URL:

http://server_name/certsrv
where server_name is the FQDN or the IP of the server that is hosting the CA.

advertisment

  1. In the Welcome screen click “Request a certificate”.

  1. In the “Request a certificate” screen click “User Certificate”.

  1. In the “User Certificate – Identifying Information” window, if a warning message appears telling you that there is a Potential Scripting Violation click Yes.


Click Submit.

  1. In the “Certificate Issued” window click on “Install this certificate”.

  1. When the “Certificate Installed” window screen close the browser window.

You now have a new Digital Certificate. You can view it by going to the Tools > Internet Options > Content tab within the current Internet Explorer window. Click on the Certificates button. Look for the new certificate in the Personal tab, double-click on it and inspect the information found within.

You can also choose to export your new certificate by selecting the certificate and pressing the Export button.

Related articles

You might also want to read the following related articles:

More from Daniel Petri

Microsoft's Blunder: Upgrade to Office 2016 and Lose Skype for Business

Windows 10 Ignoring the Hosts File for Specific Name Resolution

Resolving "Namespace is already defined' Group Policy Error in Windows 10

advertisment

Petri Newsletters

Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.

advertisment

More in Security

Cloud Computing

Build 2022: Microsoft Boosts Data Analytics and Cybersecurity in New Training & Certifications

May 24, 2022 | Rabia Noureen

Network Security

Microsoft Defender for Office 365 to Get Preset Security Policy Improvements In June

May 23, 2022 | Rabia Noureen

Security

Microsoft Detects 254% Spike in XorDDoS Attacks on Linux Servers

May 23, 2022 | Rabia Noureen

Security

CISA Warns Federal Agencies to Mitigate Critical VMware Vulnerabilities by May 23

May 20, 2022 | Rabia Noureen

Windows Server 3 Hero Approved

CISA Warns Windows Admins Against Applying May Patch Tuesday Updates on Domain Controllers

May 17, 2022 | Rabia Noureen

Security

F5 Confirms New Remote Code Execution Flaw in BIG-IP Systems

May 9, 2022 | Rabia Noureen

Most popular on petri

X

Log in to save content to your profile.

Login

Sign Up

Username/Email

Password

Forgot Password?

Login

Article saved!

Access saved content from your profile page. View Saved

Reach out

Contact Us

Advertising

About Us

Media Kit

Learn More

Podcasts

Learning Center

Webinars

Sitemap

Windows

Cloud

Office 365

Servers

Join The Conversation

Create a free account today to participate in forum conversations, comment on posts and more.

Copyright ©2019 BWW Media Group

Terms and Conditions of Use

 |

Privacy Policy