68 Chapter 3 Using certificates
311644-J Rev 00
5 Fill out Identifying Information: (Subject DN).
6 Fill out Intended Purpose: (Client Authentication Certificate and IPsec
Certificate). The CSP is the Crypto Provider that will generate the key pair.
7 Click on Submit. Be sure to remember the request ID.
Netscape digital certificate generation
1 Connect to Netscape CA.
2 Select Manual Object Signing Enrollment or Object Signing (Browser).
3 Fill out User's Identity.
4 Specify Contact Information.
5 Select the key size (512,1024).
6 Click on Submit. Be sure to remember the request ID.
Importing a digital certificate into MS-CAPI store
There are two scenarios when you are importing a digital certificate into the
MS-CAPI store:
• When you are using the Microsoft CA, the import process can be done
directly from Internet Explorer when retrieving the digital certificate from the
CA.
• When using other CA certificates, the client user or CA administrator
additionally needs to produce a PKCS #12 message that contains the private/
public key pair as well as the digital certificate. This can then be imported into
the MS-CAPI store through the Internet options tools or the Internet Explorer
browser.
Note: When importing a certificate into the MS-CAPI store, you will
also need to import the issuing CA certificate.
To Next Page
Loading...
