setting up a proper ssl with a windows CA

i have a linux box that im trying to register a proper ssl key so its trusted in my ad environment.

so my CA is setup and i can enroll certificates from windows boxes on the domain but having issues with linux.

here is what i do:

1. http://ca/certsrv/

2. click on request a certificate 

3. advanced certificate request

4. Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file. 

5. past my request into the first text box (base 64 encoded certificate request)

6. for certificate tempalte i tried basic efs and user

i am able to download the answer file and import it properly but cant get the website to come up.  i get this in firefox:

Certificate type not approved for application.

(Error code: sec_error_inadequate_cert_type)

in IE i cant even get the website to go.  i just have an option to close the page because the cert is invalid.

from using openssl on the linux box it seems that i am not getting a server cert.  do i need to add another template?  if so how?

any help would be greatly appreciated, thank you

i am referencing this:

http://technet.microsoft.com/en-us/library/cc770607.aspx

July 18th, 2013 6:57pm
you should use Web Server template, instead of EFS or User. EFS and User are intended for user operations and not for any type of SSL.
Free Windows Admin Tool Kit Click here and download it now
July 19th, 2013 3:32am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics