Note: For operations with a router, a combination of PKCS#12 file with root certificate, a proprietary device certificate and the device's public key offer the best services.
- Using your browser, access the start page of the Microsoft Certificate Services.
- For the certificate type, select 'Advance Certificate Request'.
- The next step is to selection the option 'Generate and submit a certificate request '.Note: If, and only if, the root certificate is already available as a file, select the option 'BASE64'.
- In the following step the information for identification is entered.
- In the same dialog, select the certificate template as 'Other...' and then delete the value in 'Object ID'.
- Mark 'Create new key set'. The public and private keys for the current user will now automatically be generated by the CA.
- Select the key size according to certificate policy and activate the option to mark keys as exportable.Note: The key is not exported at this point and so a file name does not have to be specified. An export would create a Microsoft-specific *.pvk file, a format which is unsuitable for use with a LCOS.
- Finally, select the hash algorithm 'SHA-1' and send your certificate request with a click on Submit.
Note: You can check on the status of your certificate request at any time via the Windows CA start page. Certificate requests can only be viewed from the same computer used to submit the request. - The certificate can be installed on your computer once the CA administrator has checked the request and created the certificate.
Note: Certificates can only be installed on the same computer that was used for the request.
