ADAM & SSL (w/ 3rd Party)
- From: "Doug" <kolpekdb@xxxxxxxxxxxx>
- Date: 2 Jun 2005 11:11:11 -0700
Has anyone been able to get ADAM working with SSL using a certificates
issued from a 3rd party CA such as Verisign?
We've been trying to create a cert using the certreq utility, however,
Verisign tells us the created .CSR file does not contain required
fields such as Organization, State, Locality, etc. and we are unable to
find any method to get these attributes into the .CSR file using the
certreq utility. There seems to be an "-attrib" option but that
doesn't seem to be adding the values.
Here is our request.inf file settings:
[Version]
Signature="$Windows NT$"
[NewRequest]
Subject = "CN=<our FQDN is here>"
; replace with the FQDN of the DC
KeySpec = 1
KeyLength = 1024
; Can be 1024, 2048, 4096, 8192, or 16384.
; Larger key sizes are more secure, but have
; a greater impact on performance.
Exportable = TRUE
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0
[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1
; this is for Server Authentication
And there is the command we are running:
certreq -new request.inf adam.csr
We've also tried adding the attribute option like:
certreq -new -attrib "O:OurOrganization" request.inf adam.csr
but nothing seems to be working. Anyone else using a 3rd party CA for
LDAP over SSL? We've been following this kb:
http://support.microsoft.com/default.aspx?scid=kb;en-us;321051
Doug
.
- Prev by Date: RE: how can i allow a user to reset passwords
- Next by Date: Assigning applications
- Previous by thread: how can i allow a user to reset passwords
- Next by thread: Assigning applications
- Index(es):
Relevant Pages
|
