Request and install client certificate – Windows 2003 server

Written by stevey on September 6th, 2011

Last post was about how to request and install a server-side certificate in preparation for authenticating WCF service client using client certificate. Once the server-side certificate is in place, it’s time to get the client certificate in order. Here were the steps I took a few days ago for requesting, issuing and installing a client certificate in a Windows 2003 server machine:

  1. Went to Http://localhost:8080/CertSrv – >Request a certificate ->Browser certificate
  2. Submiited the request by following on-screen instruction (entered Name, e-mail, Company, department and chose key strength, 2048)
  3. Went into CA (Start->Administrative tools -> Certificate Authority ->Pending requests folder
  4. All tasks -> Issue and issued the client or browser certificate.
  5. Went into Issued Certificates folder and double clicked on the certificate request item ->Details – >Copy to file, the “Welcome to the Certificate Export
    wizard” pop up, Next and chose “Based-64 encoded X.509 (.Cer) option, same as the server-side cert created previously, Next
  6. Copied to c:\ClientCert.cer, Next and “Completing the Certificate Export wizard” showing “File Name, Export Keys (No), Include all certificates in the certification path (No), File format (base64-coded X.509)”, Finish
  7. Went into c:\ClientCert.cer and double clicked to open the Certificate – >Install certificate – >Next – >”Automatically select a certificate store,..” -> Next -> Finish

Leave a Comment