Using the Certificate Request Wizard
Another method of manually requesting a certificate is to use the Certificate Request Wizard. The Certificate Request Wizard can be used by Windows 2000, Windows XP, and Windows Server 2003 domain members when requesting certificates from an enterprise CA.
Note The Certificate Request Wizard does not show the same certificates when run from Windows 2000 versus Windows XP and Windows Server 2003. A Windows 2000 client computer only shows the available version 1 certificate templates, whereas Windows XP and Windows Server 2003 show all the available version 1 and version 2 certificate templates.
Loading the Certificates MMC Console
The Certificate Request Wizard is launched from the Certificates MMC console focused on either the current user or the local machine. The following procedure allows you to request a certificate with the Certificate Request Wizard:
1. Open an empty MMC console.
2. From the File menu, click Add/Remove Snap-in.
3. In the Add/Remove Snap-in dialog box, click Add.
4. In the Add Standalone Snap-in dialog box, in the Available Standalone Snap-ins list, select Certificates and click Add.
5. In the Certificates Snap-in dialog box, click My User Account to request a user certificate or Computer Account to request a computer certificate.
6. If you selected Computer Account, in the Select Computer dialog box, click Local Computer (The Computer this Console Is Running On) and click Finish. If you selected My User Account, click Finish.
7. In the Add Standalone Snap-in dialog box, click Close.
8. In the Add/Remove Snap-in dialog box, click OK.
Requesting a Certificate
Once you load the Certificates console, you can request a certificate by using the Certificate Request Wizard. Use the following procedure to request a certificate:
1. In the console tree, expand Certificates - Current User or Certificates (Local Computer), expand Personal, and click Certificates.
2. In the console tree, right-click the Personal folder, point to All Tasks and click Request New Certificate.
3. In the Certificate Request Wizard, click Next.
4. On the Certificate Types page, select the certificate template you want to request. The list is limited to the certificate templates for which either the current user or local machine have Read and Enroll permissions. Once you select the certificate template, click Next.
5. On the Certificate Friendly Name and Description page, in the Friendly Name box, type a descriptive name for the requested certificate and click Next.
Note If you are using Windows 2000, replace the File menu with the Console menu.
Tip If you are using Windows XP or Windows Server 2003, you can run certmgr.msc to launch the Certificates console focused on the current user.
6. On the Completing the Certificate Request Wizard page, click Finish.
7. In the Certificate Request Wizard message box, click OK.
If the certificate request is successful, the certificate appears in the details pane.
Post a comment