Step 3: Importing Public and Private Certificates
In this step, you import the certificates you created in Step 2: Creating Public and Private Certificates [RN3] to the Contoso and Fabrikam computers. Each computer imports its own private certificates and imports the public certificates of the other organization.
Note
You have to transfer the Fabrikam private certificates and Contoso public certificates to the Fabrikam computer to import them. This step assumes that you put these certificates in the C:\Certs folder on the Fabrikam computer.
To import the Contoso private certificates on the Contoso computer
On the Contoso computer, click Start, click Run, type cmd, and then click OK.
At the command prompt, move to <drive>:\Program Files\Microsoft BizTalk <version> Accelerator for RosettaNet\SDK and then press Enter.
At the command prompt, type CertWizard /Privatekey "<drive>:\Certs\Contoso Private Encryption.pfx", and then press Enter.
At the Please enter the password for the certificate file prompt, type mysecret, and then press Enter.
At the Enter password for identity <contoso_machine>\HostSvc prompt, type the HostSvc account password, and then press Enter.
Note
If your BizTalkServerApplication runs under an account name other than HostSvc, the prompt must be different.
At the This home certificate will be used for prompt, type D, and then press Enter.
The CertWizard imports the certificate into the \Personal\Certificates store for the user accounts that BizTalkServerApplication and BizTalkServerIsolatedHost hosts run under.
Repeat steps 3-6 for the Contoso Private Signature.pfx certificate specifying that it is a signature certificate by typing S at the This home certificate will be used for prompt noted in step 6.
To import the Fabrikam public certificates on the Contoso computer
On the Contoso computer, click Start, click Run, type cmd, and then click OK.
At the command prompt, move to <drive>:\Program Files\Microsoft BizTalk <version> Accelerator for RosettaNet\SDK and then press Enter.
At the command prompt, type CertWizard /Publickey "<drive>:\Certs\Fabrikam Public Encryption.cer", and then press Enter.
Repeat step 3 for the Fabrikam Public Signature.cer certificate.
To import the Fabrikam private certificates on the Fabrikam computer
Copy the following files from the Contoso computer to the <drive>:\Certs folder on the Fabrikam computer: Contoso Public Encryption.cer, Contoso Public Signature.cer, Fabrikam Private Encryption.pfx, and Fabrikam Private Signature.pfx.
On the Fabrikum computer, click Start, click Run, type cmd, and then click OK.
At the command prompt, move to <drive>:\Program Files\Microsoft BizTalk <version> Accelerator for RosettaNet\SDK and then press Enter.
At the command prompt, type CertWizard /Privatekey "<drive>:\Certs\Fabrikam Private Encryption.pfx", and then press Enter.
At the Please enter the password for the certificate file prompt, type mysecret, and then press Enter.
At the Enter password for identity <fabrikam_machine>\HostSvc prompt, type the HostSvc account password, and then press Enter.
Note
If your BizTalkServerApplication runs under an account name other than HostSvc, the prompt must be different.
At the This home certificate will be used for prompt, type D, and then press Enter.
The CertWizard imports the certificate into the \Personal\Certificates store for the user accounts that BizTalkServerApplication and BizTalkServerIsolatedHost hosts run under.
Repeat steps 4-7 for the Fabrikam Private Signature.pfx certificate specifying that it is a signature certificate by typing S at the This home certificate will be used for prompt in step 6.
To import the Contoso public certificates on the Fabrikam computer
On the Fabrikum computer, click Start, click Run, type cmd, and then click OK.
At the command prompt, move to <drive>:\Program Files\Microsoft BizTalk <version> Accelerator for RosettaNet\SDK and then press Enter.
At the command prompt, type CertWizard /Publickey "<drive>:\Certs\Contoso Public Encryption.cer", and then press Enter.
Repeat step 3 for the Contoso Public Signature.cer certificate.