I'm working with a developer who is creating an application in Sliverlight in Visual Studio. On the properties of the Site Management there are options to choose and she needs to create a certificate so when internal users can use the application. I do have an internal Certificate Authority server but I'm not sure how to do any of this, any advice please? Thanks. I'm assuming the certificate should be issued to all users in the domain.

Hi, Thanks for posting in Microsoft TechNet forums. We can check the information and links in the article below: Active Directory Certificate Services http://technet.microsoft.com/en-us/library/cc770357(v=ws.10).aspx Regards Kevin

I'm working with a developer who is creating an application in Sliverlight in Visual Studio. On the properties of the Site Management there are options to choose and she needs to create a certificate so when internal users can use the application. I do have an internal Certificate Authority server but I'm not sure how to do any of this, any advice please? Thanks. I'm assuming the certificate should be issued to all users in the domain. If you are trying to issue a certificate to an IIS website hosting the sliverlight application, you might want to have a look at this guide http://technet.microsoft.com/en-us/library/cc732230(v=ws.10).aspx /Hasain

Thanks for the replies. No, this certificate wont be tied to an IS website. Appparently the application will reside on all the users computers and during the install of the program they or using the program they shoudlnt be prompted for a certificate or warned about any certificates so I need to create one from my CA server but I do not know how to? Thanks.

What is the purpose of the certificate and how is it used? Code signing of the application, client authentication, server authentication or any other reason? Could you please check that so we can give you better help on this /Hasain

Here is an example of an application she is going to install and it says: The Silverlight Spy setup packages on this page are digitally signed with a code signing certificate where the publisher is identified as First Floor Software. Please verify the publisher to ensure you have downloaded genuine software.

Ok, you need a code signing certificate, follow the steps below to issue and use a code signing certificate: Make the code signing certificate template available on the certificate serverRequest a code signing certificate for the user performing the signing processUse the requested certificate to sing the applicationDeploy the code signing certificate as a trusted publisher through Active Directory http://technet.microsoft.com/en-us/library/cc733026.aspx /Hasain

Thank You Hasain for your replies. Do you have steps on how to accomplish the above?

Hasain, Thanks very much. I completed all the steps except the last one where you sent the link to configure the certificate as a trusted publisher in AD. This seems like the certificate will be pushed out using GP. I think think it would be easier if the certificated would be in the application that all the users will install on their desktop. What do you think?

how is the certificate tied in with AD? How will this effect remote users, will they be able to have the policy applied to them? This is only a program that our developer is developing for employees and needs a certificate, what does the certificate in the program authenticate against, the certificate in the CA server, sorrect. So why then does it need to go into AD?