• Article

Walkthrough: Create the certificate request for the internal interface

Topic Last Modified: 2009-07-11

To create the certificate request for the internal interface

  1. In the Deployment Wizard, on the Deploy Edge Server page, next to Step 4: Configure Certificates for the Edge Server, click Run.

  2. On the Welcome page of the Communications Certificate Wizard, click Next.

  3. On the Available Certificate Tasks page, click Create a new certificate, and then click Next.

  4. On the Select the Component for Which the Certificate Is Requested page, select Edge Server Private Interface, and then click Next.

  5. On the Delayed or Immediate Request page, select the Prepare the request now, but send it later check box, and then click Next.

    Note

    If the Enterprise CA is reachable from the Edge Server, you can use the Send the request immediately to an online certification authority option. Since this is typically not the case, this procedure and other certificate request procedures in this guide do not cover the use of that option. Additionally, be aware that once you create a request, it is pending and the Certificate Wizard will not let you create another request until you have processed the pending one.

  6. On the Name and Security Settings page, type a friendly name for the certificate, and specify the bit length (typically, the default of 1024), verify that the Mark certificate as exportable check box is selected, and then click Next.

  7. On the Organization Information page, type the name for the organization and the organizational unit (such as a division or department, if appropriate), and then click Next.

  8. On the Your Server's Subject Name page, type or select the subject name and subject alternate name of the Edge Server.
    The subject name should match the fully qualified domain name (FQDN) of the Edge Server published by the internal firewall for the internal interface on which you are configuring the certificate. For the internal interface of the Edge Server, this subject name should match the name that your internal servers use to connect to the Edge Server (typically, the FQDN of the internal interface for the Edge Server). For Litware Inc., this value is ocsedge.litwareinc.com.

  9. Select Automatically add local machine name to subject alternate name if you would like to add the computer name of the Edge Server to the certificates list of alternate names.

  10. Click Next.

  11. On the Geographical Information page, type the location information, and then click Next.

  12. On the Certificate Request File Name page, type the full path and file name to which the request is to be saved in the File name box (for example, C:\certrequest_AccessEdge.txt), and then click Next.

  13. On the Request Summary page, click Next.

  14. On the wizard completion page, verify successful completion, and then click Finish.

  15. Submit this file to your CA (by e-mail or other method supported by your organization for your Enterprise CA) and, when you receive the response file, copy the new certificate to this computer so that it is available for import.