Hi Tyson,
On Wed, Aug 12, 2009 at 10:07 AM, Tyson Scott<tscott_at_ipexpert.com> wrote:
>
> Install IIS on Windows XP. After doing so go to your default website and
> right click go to properties. Click on the Directory Security Tab. Click
> on Server Certificate. This will open the "IIS Certificate Wizard". This
> wizard can be used to generate a certificate signing request. Open the
> request file with Notepad. Paste the information to IOS CA. Copy the
> completed certificate from IOS CA back to windows XP. Install the
> certificate. You have now successfully generated a Certificate for windows
> XP using IIS.
Ah, I now see what the reference to IIS was about. You're right, of course.
This method allows you to create a certificate request with fixed
attributes/properties -- key usage attributes suitable for a web
server. Does this method allow you to generate certificates for use
with the VPN Client, for example? I remember it (the client) being
fairly fussy.
If you're going to go to the trouble of installing extra software just
to generate a certificate request, instead of installing IIS, you're
better off installing the Administration Tools pack (adminpak.msi)
from Windows Server 2003. As part of that install, you'll get
CertUtil.exe, which allows you to do a lot more, including generation
of certificate requests with whatever key usage attributes you like.
Chances are, most network administrator types would have the adminpak
installed already.
cheers,
Dale
Blogs and organic groups at http://www.ccie.net
Received on Wed Aug 12 2009 - 10:44:06 ART
This archive was generated by hypermail 2.2.0 : Tue Sep 01 2009 - 05:43:56 ART