In order to complete certificate enrollment, the Web site for the CA must be configured to use HTTPS authentication.
The following example will assume that you have an Enterprise CA from which to issue certificates. Further, the assumption is that you have a Certification Authority Web Enrollment pages installed, either on that CA or on another computer in the domain.
This example will walk through the steps necessary to do the following:
Instead of using the former http://servername/certsrv location, you must connect to
https://servername/certsrv to request a certificate.
Ref Your: Connect to the Enterprise CA with the appropriate credentials and open the Certification Authority console.
Where can I find EXACTLY what appropriate credentials are required. I don't see duplicate template option
To see the "duplicate template option" do as suggested in step 3 and I quote "If you don't see these options, then run the following command: certtmpl.msc to open the Certificate Templates console."
On section "Obtain a certificate for IIS using the certificate template" t Step 8, I don't see the Certificate Enrollment Policy page, instead, I see the Request Certificates page, which has the SSL Certifcates template which I created in the above section. Could you advise what I am missing here?
It worked for me. Thanks for clear explanation.
There is missed step in "Obtain a certificate for IIS using the certificate template" after step 8. Before clicking "Enroll" you have to select checkbox with your certificate template.
On section "Configure HTTPS on the Default Web Site", Step 8, when I click OK I've got a message "The specified port is being used by a different binding". So I think I have to edit that binding instead of creating a new one, but I am not sure what behavior is expected by doing that.