PortSight Secure Access Documentation

Generate Client Certificate Using Your Own Certificate Service

 

This guide will help you generate certificate for the ARWebService client:

1)       Request a certificate o n the client computer:

a)       Log on as a user that will use the client application.

b)       Navigate to the Certificate Service Web site by typing the following URL in the Internet Explorer:

      
 http://<your_cert_server>/certsrv

c)       Select "Request a certificate" and click Next.

d)       Select "Advanced request" and click Next.

e)       Select "Submit certificate request to this CA using a form" and click Next.

f)        Fill the "Identifying Information" form.

g)       As an "Intended purpose" select "Client Authentication Certificate".

h)       Click Submit.

i)         Now the request for new certificate has been sent to the Certification Service. According to our settings made in step 4 in the Set up your own certificate service chapter, it's necessary that the Administrator issues the certificate.

2)        Issue the certificate o n the Certificate Authority (CA) computer:

a)       Log on as an administrator.

b)       Click Start -> Setting -> Control Panel -> Administrative Tools -> Certification Authority.

c)       Expand the tree and click on "Pending Requests". Your pending request should be displayed in the right panel . Right click the request, choose "All Tasks" and click Issue.

d)       The certificate is now correctly issued and you can find it in the "Issued Certificates" folder.

3)        Install the certificate o n the client computer:

a)       Log on as a user that will use the client application (if not logged).

b)       Run the Certificate Service Web site by typing the following URL in the Internet Explorer:

 http://<your_cert_server>/certsrv

c)       Select "Check" on the pending certificate and click Next.

d)       Select the certificate you want to check and click Next.

e)       Click on the "Install this certificate" link.

f)        The certificate should be correctly installed now.

4)       Check that the certificate has been correctly installed o n the client computer:

a)       Log on as the user that will use the client application (if not logged).

b)       Click Start -> Run, type mmc, and then click OK.

c)       I n the File menu, click "Add/Remove Snap-in", and then click Add.

d)       Under Snap-in, double-click Certificates.

e)       Click "My user account", and then click Next.

f)        Click "Local computer", and then click Finish.

g)       This allows you to manage certificates for the current user.

h)       Click Close.

i)         Click OK.

j)         Expand the tree and check that the client certificate is stored in the Personal\Certificates folder.