Article need extend RRS feed

  • General discussion

  • In article http://technet.microsoft.com/en-us/library/ee658141.aspx needed add second way to request certificate. In Windows Server 2008R2 request trougth http://localhost/certsrv maybe not work, because cannot mark "key is exportable".

    Run mmc.exe , add snap-in Certificates on Computer Account with Local Computer and right click on Personal -> All Tasks -> Request New Certificate ...

    Select Certificate Enrollment Policy (in domain - "Active Directory Enrollment Policy"), mark WebServer and click on warning message ("More information is required to enroll for this certificate. Click here to configure settings.").


    Subject name change to Common name, fill Value with a needed name (FQDN of TMG server) and click button [ Add> ].

    In tab General fill Frendly name: , can be same as FQDN.

    In tab Private key open Key options and mark Make private key exportable .

    Press OK and short wait for creation new certificate.

    Export this certificate as described in article.

    Thursday, October 14, 2010 10:41 AM