Self-Signed SSL Certificates

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I need to set up a development version of a secure website on Microsoft
Windows 2003, so I am trying to figure out how to create my own SSL

I feel that I understand how certificates work, but I am completely
baffled by the tools Microsoft provides to manage certificates. Can
anyone point me to documentation on the Windows 2003 certification
authority and/or other certification management tools? I am looking for
answers to these specific questions:

1) How do I manage the self-signed (root) certificate used by the
certification authority? I cannot seem to edit its name or its
expiration date, and I can't export its private key. Nor can I replace
it with another certificate.

2) How do I control the expiration date for the certificates signed by
the certification authority? All certificates are valid for one year,
and I seem to have no control over that.

3) The tree structure and common sense implies that I should be able to
install more "certification authorities" under the root "certification
authority" node. How do I do that?


Re: Self-Signed SSL Certificates

Quoted text here. Click to load it

This help? /

Quoted text here. Click to load it

Look on the bright side - at least they do provide tools now.

Whatever you do - do something.

Re: Self-Signed SSL Certificates

Be aware where I work did this to save a few bucks and it is a pain in the
ass. The amount of time we have since wasted on the Helpdesk taking people
through installing our certificate to stop "annoying popups" have since
greatly outweighed any initial savings.

Re: Self-Signed SSL Certificates

Nevermind - I re-read the post and saw the "development" line this time.
Nothing to see here, move along...

Site Timeline