I generated a certificate request using instructions provided by GoDaddy which pointed me to IIS Manager to create the request. I have received the SSL certificate and installed per instructions. I can pull the certificate remotely on port 443. I need to use the certificate for SLDAP on port 636. The connection fails on that port. I found KB321051, in there is a statement that says you must use the Schannel cryptographic service provider to generate the key. Does that mean that I could only generate the key using "certreq -new Request.inf request.req"? Will the request from IIS Mgr work and if so is there something else wrong? Additionally, I did bind the certificate to port 636 and it does show up when I run "httpcfg query ssl".Using OpenSSL I get the following error "7428:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:.\ssl\s23_lib.c:188:" Windows 2003 SP1

if your client is running Windows Vista/2008 or higher you can use Certificates MMC snap-in focused on Local Computer account. There is an option Custom Certificate Request where you can specify necessary CSP. IIS console don't provide the ability to change CSP for certificate request.http://www.sysadmins.lv

Hi,If the certificate from GoDaddy does not meet the requirements mentioned in the KB article, I am afraid that you need to request a LDAPS certificate to enable LDAPS.Thanks.This posting is provided "AS IS" with no warranties, and confers no rights.