I am trying to create a selfssl that matches my server name for a SharePoint installation that resides on a stand-alone Windows 2008 server. I cannot figure out what the correct name of the certificate should be. For example, should I use the IP address of the machine? I need the name to match because Windows VISTA and Windows 7 clients CANNOT use the "Windows Explorer" feature using SSL unless the name matches the certificate. The problem does not exist with Windows XP or Windows 2003. Does anyone know how to create a self signed certificate on a stand-alone Windows 2008 server?

I have created a self assigned cert yet, but the name of the cert should be the name your users use to access SharePoint. whatever is after http:// in the address bar.HTHDavid Lozzi Delphi Technology Solutions Blog | LinkedIn | Twitter

Conceptually, that works. The problem I have is the server name is only for an internal address and the IP address is NAT. I am using a 10.x.x.x internal address that is configured to receive requests by using Port Forwarding in my router.So, http://10.x.x.x:4443/ will not work as my certifcate name. :(

What I really need, which I cannot remember how to do, is to assign to assocaite two names to a certificate. MS told me how, but I cannot find the @$# instructions. ;)

I'm not sure about assigning two names to a cert. If I understand what you're trying to do. If port forwarding is rerouting traffic, that technically shouldn't matter. The host name is passed through along with it. So even though domain.com points to one IP and then directs it to 10.x.x.x the ssl cert should be domain.com. David Lozzi Delphi Technology Solutions Blog | LinkedIn | Twitter

Microsoft was able to correct the issue. As I expected, the problem was with the certificate. >> Install Root CA role (Workgroup or Enterprise) on the server. >> Created an answer file and supplied the external and internal IPs in the Subject Alternative Name in the file. (inf file is attached to the mail rename it to .inf) >> Run the command certutil -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2 on the server to enable SAN on the certificates. >> Restart the CA service. >> Use the certreq tool to generate the request and get a new cert issued out from the CA. (http://support.microsoft.com/kb/931351 ) Following are the commands: - Certreq new <inf file name> <request file name> - Certreq submit <request file name> <certificate file name> - Certreq accept <certificate file name> >> The cert would now show up in the personal store of the computer. (Can check it using the mmc) >> Bind the certificate to the IIS.

Hi All, I have published an article on my web site (www.mossgurus.com) regarding configuring SSL certificate for SharePoint Server 2010. The steps in this article equally applies to MOSS 2007/WSS3.0 Complete detail can be found at: How to configure SSL certificate for the central administration web site of SharePoint Server 2010 Thanks Adnan Ahmed Senior MS Solutions Consultant PM Centrix www.pmcentrix.com