Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[WLM ] How to create a PKCS12 certificate for SmartPass via the Windows Server 2008 CA

0

0

Article ID: KB25250 KB Last Updated: 04 Mar 2017Version: 2.0
Summary:
This article provides information on how to create a PKCS12 certificate for SmartPass by using the Windows Server 2008 CA.
Symptoms:
How to create a PKCS12 certificate for SmartPass by using the Windows Server 2008 CA.
Cause:

Solution:
As the default Web Sever Certificate Template does not allow the marking of the key as exportable, you have to create a new Certificate Template. You can do so by duplicating an existing template and using the existing template's properties as the default for the new template.

To create a new version of a certificate template, perform the following procedure:

  1. To open the Certificate Template Snap-in, go to Start > mmc > File > Add/Remove Snap-ins and select Certificate Templates > Add > OK.

  2. In the Details pane, right-click Web Server Template > Duplicate Template and select either Windows Server 2003 or 2008 Enterprise (click Learn more about Certificate Template Version, if you want to check the differences between 2003 and 2008) and click OK.

  3. On the General tab, type the Template display name and Template name.

  4. On the Request Handling window, select the Allow private key to be exported check box and click OK:


After the Certificate Template is created in the Certificate Template Snap-in, it can be published for deployment:

  1. Go to Start > Administrative Tools and click Certification Authority.

  2. In the console tree, select Certificate Templates.

  3. Right-click Certificate Templates and then click New > Certificate Template to Issue.

  4. In the Enable Certificate Templates dialog box, select the certificate template or templates that have to be issued by the CA and click OK:


To generate the certificate, perform the following procedure:

  1. On a computer, which is on the same domain with the Windows server 2008, open a browser (recommended is IE) and navigate to http://<WS2K8_IP_address>/certsrv (<WS2K8_IP_address> is the IP address of the Windows Server).

  2. Go to Request a certificate > advanced certificate request > Create and submit a request to this CA (you will be asked to confirm the web access confirmation).

  3. On Certificate Template, select the required Template.

  4. Complete the fields with the Information of the new certificate (Name=common.name, e-mail, company, and so on) and click Submit:


After the certificate has been issued, click to install the certificate. If the CA certificate is not already installed, you have to first install the CA certificate and then the certificate.

  1. On IE, go to Internet Options > Content > Certificates.

  2. On the Personal tab, click the installed certificate and click Export > Next > Yes, export the private key and select Personal Information Exchange(to create a PKCS12 certificate) > Include all certificates in the certification path > export all extended properties > Next, type a password (export password), select a location to save the certificate, click Next, and then Finish.

  3. Copy the PKCS12 certificate on the SmartPass server, open SmartPass and go to Setup >Server Certificate Management, click Change Server Certificate, select PKCS#12, add the pkcs12 certificate, the export password, and click Save.

  4. After this, the add information window will be displayed:

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search