1. | Log
in as an administrator and then open a web browser and point it to the
certificate server (in this case https://dc1.companyabc.com/certsrv).
|
2. | Click the Request a Certificate link.
|
3. | Click the advanced certificate request link.
|
4. | Click the Create and Submit a request to this CA link.
|
5. | In the Type of Certificate Template field, select Operations Manager.
|
6. | In the Name field, enter the FQDN (Fully Qualified Domain Name) of the target server.
Note
Go to the actual
server to get the name! On the server, go to Computer Properties,
Computer Name. Copy the Full Computer Name and paste it into the Name
Field of the form.
|
7. | Click Submit.
|
8. | Click Yes when you get the warning pop-up.
|
9. | Click Install this certificate.
|
10. | Click Yes when you see the warning pop-up. The certificate is now installed in the user certificate store.
Note
The certificate
was installed in the user’s certificate store but needs to be in the
local computer store for Operations Manager. The ability to use the web
enrollment to directly place the certificate into the local computer
store was removed from the Windows Server 2008 web enrollment, so the
certificate needs to be moved manually.
|
11. | Select Start, Run, and then enter mmc to launch an MMC console.
|
12. | Select File and Add/Remove Snap-In.
|
13. | Select Certificates and click Add.
|
14. | Select My User Account and click Finish.
|
15. | Select Certificates again and click Add.
|
16. | Select Computer account and click Next.
|
17. | Select the Local computer; click Finish and then OK.
|
18. | Expand the Certificates – Current User, Personal, and select the Certificates folder.
|
19. | In
the right pane, right-click the certificate issued earlier (in this
example EX3.companyabc.com) and select All Tasks, Export. The
certificate can be recognized by the certificate template name
Operations Manager.
|
20. | At the Certificate Export Wizard, select Next.
|
21. | Select Yes, export the private key. Click Next.
|
22. | Click Next.
|
23. | Enter a password and click Next.
|
24. | Enter a directory and filename (such as c:\EX1cert.pfx) and click Next.
|
25. | Click Finish to export the certificate. Click OK at the pop-up.
|
26. | Expand the Certificates (Local Computer), Personal, and select the Certificates folder.
Note
If this is
the first certificate in the local computer store, the Certificates
folder will not exist. Simply select the Personal folder instead, and
the Certificates folder will be created automatically.
|
27. | Right-click in the right pane and select All Tasks, Import.
|
28. | At the Certificate Import Wizard, select Next.
|
29. | Click
Browse to locate the certificate file saved earlier. Change the file
type to Personal Information Exchange (pfx) to see the file. Click Next.
|
30. | Enter the password used earlier, select the Mark This Key as Exportable, and click Next.
|
31. | Click Next.
|
32. | Click Finish and then OK at the pop-up to complete the import.
|
