Request a certificate

Article
01/25/2011

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To request a certificate

Open the Certificates console for the user, computer, or service you want to manage.

Tip

For instructions on creating a Microsoft Management Console (MMC) that allows you to manage the certificates of a user account, computer account, or service account, see the appropriate article from the following list

In the console tree, select the correct store that has the certificate you want to request. For example, under Certificates – Current User, expand Personal, click Certificates.

Note

For information on the different view options, see Certificates Console (https://go.microsoft.com/fwlink/?LinkId=209851).
In the details pane, click the certificate associated with the public key you want to associate a new certificate.
On the Action menu, point to All Tasks, and then click Request New Certificate to start the Certificate Request Wizard.
In the Certificate Request Wizard, provide the following information:
- Click the type of certificate you want to request.
- (Optional) If you have selected the Advanced check box, click the cryptographic service provider (CSP) you are using.
- (Optional) If you have selected the Advanced check box, click the key length (measured in bits) of the public key associated with the certificate.
- (Optional) If you have selected the Advanced check box and you want to enable strong private key protection, select the Enable strong private key protection check box. Enabling strong private key protection will ensure that you are prompted for a password every time the private key is used. This is useful if you want to make sure that the private key is not used without your knowledge.
- (Optional) If you have selected the Advanced check box and if you have more than one certification authority (CA) available, choose the name of the certification authority that will issue the certificate.
- A friendly name for your new certificate.
After the Certificate Request Wizard has successfully finished, click OK.

Note

You can use this procedure to request certificates from an enterprise certification authority only. To request certificates from a stand-alone certification authority, you need to request certificates via Web pages. A Windows certification authority has its Web pages located at https://servername/certsrv, where servername is the name of the server hosting the certification authority.

You can use this procedure to request certificates based on templates where the subject name is generated by Windows only. To request a certificate based on a template configured to obtain the subject name from the subject, you need to request certificates via Web pages.

If the requested certificate type requires approval before it is issued, you need to retrieve the completed certificate via Web pages. A Windows certification authority has its Web pages located at https:// servername/certsrv, where servername is the name of the server hosting the certification authority.

In order to request a Digital Signature Standard (DSS) certificate from an enterprise CA, you must select the User Signature Only certificate template in the Certificate Request Wizard.

Information about functional differences

Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

Request a certificate

To request a certificate

Information about functional differences

See Also

Concepts

Additional resources