Switching to the Production Environment

[The AD RMS SDK leveraging functionality exposed by the client in Msdrm.dll is available for use in Windows Server 2008, Windows Vista, Windows Server 2008 R2, Windows 7, Windows Server 2012, and Windows 8. It may be altered or unavailable in subsequent versions. Instead, use Active Directory Rights Management Services SDK 2.1, which leverages functionality exposed by the client in Msipc.dll.]

When you have completed developing and testing you application, perform the following steps to switch from the Pre-production to the Production certificate hierarchy.

  1. Remove the Active Directory Rights Management Services (AD RMS) role.
  2. Create a public key pair.
  3. Submit the public key to Microsoft and sign the license agreement. Microsoft creates and signs a Production certificate.
  4. Install the signed Production certificate forwarded by Microsoft.
  5. Reconfigure the AD RMS server registry as needed.
  6. Reconfigure affected client computer registries as needed.
  7. Remove all AD RMS certificates and licenses from the client computer(s).
  8. Reinstall the AD RMS role.
  9. Create a new manifest (.mcf) file for your application, specifying the paths of the new public and private keys.
  10. Run Genmanifest.exe and specify the signed production certificate and the new .mcf file on the command line.

See the following topics for more information about the preceding steps.

Topic Description
Obtaining a Key Pair for Manifest Signing Discusses how to obtain a key pair. The public key is submitted to Microsoft to acquire a signed Production certificate, and both the public and private key are used to create an application manifest that signs your application into the Production hierarchy.
Requesting a Production License Agreement Discusses how to contact Microsoft to obtain a Production License Agreement for your custom AD RMS application.
Production Server Settings Discusses the changes you must make to an AD RMS server registry before moving from the Pre-production to the Production certificate hierarchy.
Production Client Settings Discusses the changes you must make to registries of affected client computers before moving from the Pre-production to the Production certificate hierarchy.
Restoring a Client Computer to a Clean State Discusses how to remove all AD RMS licenses and certificates from affected clients before switching to the Production hierarchy.
Creating an Application Manifest Discusses how to create an application manifest.
Genmanifest.exe Specifies the syntax of the executable file used to create an application manifest.

 

Setting Up the Pre-production Development Environment

Using the AD RMS SDK