8 steps to configure MTLS SSL Certificate for Communicator Web Access CWA 2007 R2

  1. Create a CSR by running lcscmd from the setup disk:

    lcscmd /cert /action:request /ou:IT /org:Fabrikam /sn:ocscomweb01.fabrikam.com /san:ocscomweb01 /country:US /state:MI /city:City /online:false /filename:c:\ocscomweb01.csr.txt

    Depending on your setup, you might have to swap the hostnames: some setups want the FQDN as the subject name (sn), others want it as the subject alternative name (san).

  2. Go to the CA web page, e.g. http://ad1/certsrv or wherever your CA is located
  3. ‘Request a certificate’
  4. Choose ‘submit advanced certificate request’
  5. Choose ‘Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.’
  6. Paste the CSR (read it from the file created in step 1) into the ‘Saved Request’ field, choose ‘Web Server’ from the ‘Certificate Template’ drop-down, and submit
  7. Mark the base64 tab, download the certificate, and save the file
  8. Import the response:
    lcscmd /cert /action:importresponse /filename:<path to file saved in 7>
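
An added check, not part of the original post: before importing in step 8, confirm that the certificate the CA returned carries the hostnames where you expect them (see the note under step 1) and the Server Authentication usage that the Web Server template grants. The function name, the file path in the usage comment and the English-language `DNS Name=` rendering of the SAN extension are assumptions.

```powershell
# Added example: inspect the CA response file before running importresponse.
# Test-CwaCertificate is a hypothetical helper name, not part of lcscmd.
function Test-CwaCertificate {
    param(
        [Parameter(Mandatory = $true)][string]$Path,   # file saved in step 7
        [Parameter(Mandatory = $true)][string]$Fqdn    # e.g. ocscomweb01.fabrikam.com
    )
    $full = (Resolve-Path $Path).Path
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $full

    # Common name taken from the certificate subject
    $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    $cn = $cert.GetNameInfo($nameType, $false)

    # DNS entries from the Subject Alternative Name extension (OID 2.5.29.17).
    # Assumption: English Windows renders each entry as "DNS Name=<host>".
    $sanExt = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    $san = @()
    if ($sanExt) {
        $san = @([regex]::Matches($sanExt.Format($true), 'DNS Name=(\S+)') |
            ForEach-Object { $_.Groups[1].Value })
    }

    # Enhanced key usage OIDs; 1.3.6.1.5.5.7.3.1 is Server Authentication
    $ekuType = [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
    $eku = @($cert.Extensions | Where-Object { $_ -is $ekuType } |
        ForEach-Object { $_.EnhancedKeyUsages } | ForEach-Object { $_.Value })

    $now = Get-Date
    New-Object PSObject -Property @{
        SubjectCN   = $cn
        SanDnsNames = $san
        FqdnInCN    = ($cn -eq $Fqdn)                 # hostname comparison is case-insensitive
        FqdnInSan   = ($san -contains $Fqdn)
        ServerAuth  = ($eku -contains '1.3.6.1.5.5.7.3.1')
        WithinDates = ($cert.NotBefore -le $now -and $now -le $cert.NotAfter)
        Thumbprint  = $cert.Thumbprint
    }
}

# Usage (placeholder path):
# Test-CwaCertificate -Path 'C:\path\to\response.cer' -Fqdn 'ocscomweb01.fabrikam.com'
```

If both `FqdnInCN` and `FqdnInSan` are false, the sn/san values in step 1 did not reach the issued certificate as intended, and the request should be regenerated before importing.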
