Ahmed Hussein Online

this post ill show you how to create a custom template in your internal CA and how to issue a certificate with alternative names so that I can be installed on all the needed servers

Please note this certificate will be used for

• Internal (internal path ,servers names )
• External

So the simple IIS request will not do it

We need certificate with SANS (Subject alternative names)

We start our CA

We manage the templates ( we will be creating a new template for our request )

We duplicate the webserver certificate

we set a name

we will be exporting this Certificate so we need also to export the private key

to make the servers able to enroll we need to give them in the security the ability to enroll

Press OK

And we select our newly create certificate template

Now on the RMS node

We add the certificate Snap in

Press OK

Now we enroll

This how it will look after enrollment

Now we export it and import it to the second node

now we add the same snap in in the second node

Now last step this one will be identical on both nodes

Start the IIS and assign the certificate we installed to the website

Ok your way out

Now open elevated  CMD and run

IISreset /noforce

Next step in the configurations

Creating a highly available share using DFS

Related Posts

• Active directory certificate services 2008R2 overview
• Active Directory Rights Management Services (AD RMS ) : Part 8 ( Enable Super users and Creating Templates)
• Active Directory Rights Management Services (AD RMS ) : Part 4 ( To cluster or not to cluster that is the Question )
• Active Directory Rights Management Services (AD RMS ) : Part 3 ( Available Rights and other technologies )
• Active Directory Rights Management Services (AD RMS ) : Part 2 ( The Parts and process )
• Active Directory Rights Management Services (AD RMS ) : Part 10 ( Exchange 2010 and RMS )
• Active Directory Rights Management Services (AD RMS ) : Part 5 ( Creating NLB )