How can I get SBS2011 to issue certificates?
/certsrv is one of a few ways you can manually request certificates from a client. It's kind of the legacy way in Vista and newer. If you wanted to manually request a computer certificate on Vista/Win7:
- Open a MMC
- Add Certificates snap-in for Computer
- Under Personal/Certificates, r-click and choose Request New Certificate
- You should see a policy in the wizard you can use and should then see Computer certificate
The best way is to do it automatically through GPO. For computer certificate auto enroll:
- Edit the Default Domain Policy (GPO)
- Under Windows Settings > Security Settings > Public Key Policies
- Open Certificate Services Client - Auto-Enrollment Properties and enable it, and check both boxes
On server you should have one or more MMC consoles for Certificate Services management, not sure if SBS2011 pulls those into it's mgmt GUI or not.
Related videos on Youtube
Basic
If you need to contact me, you know what to do... [email protected]
Updated on September 18, 2022Comments
-
Basic over 1 year
I want to use certificates to authenticate both client and server for a new internal service.
Since all our servers already have the SBS (2011 Standard) server's Cert installed as a Trusted Root, getting it to issue the new certificates seems like the right way to go.
All the documentation seems to indicate I should browse to
SbsServer/certsrv
but there's nothing at that address. I've tried adding all the Role Services through the ferature manager that seem like they may be relevant, but still nothing.Do I need to use the web front-end to issue certificates? If so, how can I enable it? If not, is there a wizard I can use?
-
HopelessN00b almost 12 yearsWhat specific version of SBS? The low-end one (essentials?) won't, period.
-
Basic almost 12 years@HopelessN00b My apologies, I should've mentioned. It's "SBS 2011 Standard. Initially a trial installation then upgraded to Partner Network license.
-