How to Obtain a Digital Certificate Using the Web Enrollment Form


This topic explains how to obtain a digital certificate using the web enrollment form for the purposes of setting up a PKI/Exchange test environment.

The computer account and domain names used in this procedure are based on the test environment described in Implementing an Exchange 2003-Based Message Security System in a Test Environment.

Before You Begin

The first time you request a certificate using a Web browser through the Web enrollment form, you must be using an account with Administrator privileges on the local computer. This requirement is because the Web enrollment page uses an ActiveX® control that requires Administrator privileges to install successfully.

At the console, log on to CONT-WK01 as a member of the Administrators group on the local computer for the first request. For all other requests, you can use an account that is a member of the Domain Users group.


To obtain a digital certificate using the Web enrollment form

  1. Click Start, point to All Programs, and then click Internet Explorer.

  2. Click File, click Open, type http://cont-ca01/certsrv (where you would replace http://cont-ca01/certsrv with the name of your certificate server) in the Open box, and then click OK.

  3. On the Welcome page, click Request a certificate.

  4. On the Request a Certificate page, click User Certificate.

  5. On the User Certificate - Identifying Information page, click Submit.

  6. In the Potential Scripting Violation dialog box, click Yes.

  7. On the Certificate Issued page, click Install this certificate.

  8. In the Potential Scripting Violation dialog box, click Yes.

  9. In the Root Certificate Store dialog box, click Yes.

  10. When the Certificate Installed page is shown, close Internet Explorer.