1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

help on generating certificate

Discussion in 'Windows Security' started by calderara, Sep 14, 2009.

  1. calderara

    calderara Guest

    Dear all,

    i do not know if it is the right place to post this but I try .
    I am using an ammplication with WCF service and I need to configured
    certificate for authentication and associate them to an SSL port.

    For that I do the following using makecert tool:
    ===============================

    1- Create a self sign root authority certificate and export the private key
    makecert -n "CN=myLocalCA" -r -sv myLocalCA.pvk myLocalCA.cer -sky exchange

    2 - add it too root
    ============
    certmgr -add myLocalCA.pvk -s -r localmachine root

    3- Create a certificate signed with previous authority
    ==================================
    makecert -sky exchange -iv DemoWcfCA.pfx -n "CN=DemoWcfCA" -ic
    DemoWcfCA.cer DemoWcf.cer -sr localmachine -ss My

    So far so good. then I follow the procedure to attache this certificate to
    my service SSL port as follow:
    netsh http add sslcert ipport=0.0.0.0:8000
    certhash=37e022ecfb37b05a2735a2894537f5b650ad3ecc
    appid={F09BD073-946E-45cf-A8F5-F2B220799405}

    it install successfully but when accessing my service at the adress
    https://<mymachinename>:8000/myservice I get an error saying :

    "impossible to build a trust relashionship for the secure chanel SSL/TLS
    with the authority <mymachinename>"

    I am getting mad, I guess that the certificate as not been properly attached
    to the machine name. How to resloved this error ?

    Thanks for your help
    regards
    serg
     
    calderara, Sep 14, 2009
    #1

Share This Page