none
Invalid CSR request generated for RWA

    Question

  • When setting up Anywhere Access in Windows Server 2012 Essentials, the CSR generation is automated. However there is no place to enter in necessary validation information for the SSL certificate (i.e. OU, Org. name, state). We are stuck in setting up Anywhere access until we can generate a CSR that works. Please help.
    Tuesday, July 16, 2013 11:04 PM

Answers

  • And, to be a bit blunt, NetSol is a pita. And expensive. GoDaddy and Enom have been very good in this area and generally much less expensive. I also have to wonder if you purchased one of the super duper UCC +++ certs, when the simplest one will do fine.

    Here are some links on doing GoDaddy:  It works the same in 2011.

    http://sbs.seandaniel.com/2009/02/installing-godaddy-standard-ssl.html


    Larry Struckmeyer[SBS-MVP] If your question is answered, please mark the response as the answer so that others can benefit.

    Wednesday, July 17, 2013 9:24 PM
  • The solution for this issue was (shockingly) to use GoDaddy's $5 SSL certificate. I am amazed that the certificate signing request produced by the Anywhere Access Wizard is incompatible with Network Solutions, but that is what is up! Like we did not have enough "curve balls" coming at us these days!
    • Marked as answer by Bateau68 Thursday, July 25, 2013 10:13 PM
    Thursday, July 25, 2013 10:13 PM

All replies

  • The wizard generates a cert request that the CA will honor.  What exactly are you experiencing?  What causes you to think there is an error?

    Larry Struckmeyer[SBS-MVP] If your question is answered, please mark the response as the answer so that others can benefit.

    Wednesday, July 17, 2013 2:33 AM
  • It picks this info up from the info you entered in the setup of the server as I recall?

    Don't Retire TechNet

    Wednesday, July 17, 2013 6:50 PM
  • Thank you Both for your responses!

    What I have going on here is that when you enter the CSR request into Network Solutions interface, it says "invalid orginization name". In working with Netsol tech support, they said that they decrypted the CSR and found that it had no Org name, Org unit, or city and state info. And of course there is no interface to enter these bits of information as the CSR is generated by the wizard. Unless these things are in the CSR, then Network Solutions will not issue the certiificate, and their cert creation wizard won't even advance to the next step.

    Wednesday, July 17, 2013 9:14 PM
  • So did you fill in this info when you set up the server?  AFAI recall that's where it pulls it in from.

    Don't Retire TechNet

    Wednesday, July 17, 2013 9:21 PM
  • And, to be a bit blunt, NetSol is a pita. And expensive. GoDaddy and Enom have been very good in this area and generally much less expensive. I also have to wonder if you purchased one of the super duper UCC +++ certs, when the simplest one will do fine.

    Here are some links on doing GoDaddy:  It works the same in 2011.

    http://sbs.seandaniel.com/2009/02/installing-godaddy-standard-ssl.html


    Larry Struckmeyer[SBS-MVP] If your question is answered, please mark the response as the answer so that others can benefit.

    Wednesday, July 17, 2013 9:24 PM
  • Yeah, I have been wondering if using the ones offered in the product would remedy the situation. THis came about because the client's domain host does not offer SSL certs. Is there a way that I can NOT setup the domain through the wizard (A record is already done) and still get the cert purchased through GoDaddy?
    Wednesday, July 17, 2013 9:39 PM
  • Where does it ask for City and State. I did not do the software install myself, but is there a place in the registry to add this info later?
    Wednesday, July 17, 2013 9:40 PM
  • Way back in the original install.  I'll see if I can dig out that info, in the meantime you can probably search the registry for the firm name and it will bubble it up.

    How to Install Your Existing Certificate into SBS Essentials - The Windows Server Essentials and Small Business Server Blog - Site Home - TechNet Blogs:
    http://blogs.technet.com/b/sbs/archive/2011/08/04/how-to-install-your-existing-certificate-into-sbs-essentials.aspx  2012 should support handling a different cert from a different vendor?  But that's the 2011 info.


    Don't Retire TechNet

    Wednesday, July 17, 2013 9:56 PM
  • The solution for this issue was (shockingly) to use GoDaddy's $5 SSL certificate. I am amazed that the certificate signing request produced by the Anywhere Access Wizard is incompatible with Network Solutions, but that is what is up! Like we did not have enough "curve balls" coming at us these days!
    • Marked as answer by Bateau68 Thursday, July 25, 2013 10:13 PM
    Thursday, July 25, 2013 10:13 PM