How to issue with approval a certificate without its private key and import it on the same computer

Here are the main guidelines with explicit examples.
For more information about a particular step, follow the links.

  1. Create a request policy file.
  2. Use the policy file to create an encoded request file.
    certreq -new C:TempServer_RequestPolicy.inf C:TempServer_CertificateRequest.req

    certreq newMore about certreq -new.

  3. Submit the request file to the Certificate Authority.
    certreq -submit -attrib "CertificateTemplate:WebServer" C:TempMyServer_CertificateRequest.req

    In return you will get a Request ID number.certreq submit

    More about certreq -submit.

  4. Go to the Certificate Authority console and approve the pending request.
    Certificate Authority console
  5. Come back to the computer where you submitted the request and download the certificate with the Request ID you got at step 3.
    certreq -retrieve 17877  C:TempServerCertificate.cer

    certreq retrieveMore about certreq retrieve.

  6. Import the certificate into your store.
    certutil -addstore -user -f "My" C:TempServerCertificate.cer

    certutil addstoreMore about the certutil -addstore.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s