Retrieving an Advanced Certificate (Windows Embedded CE 6.0)

  • Article

1/6/2010

To install a server certificate for the Web server that runs on the Windows Embedded CE-based device, you must first request a certificate from a certificate server.

By default, every certification authority that is hosted on a server that runs either Windows 2000 or Windows Server 2003 has Web pages available for users and administrators. These are used to perform various tasks related to requesting certificates. These Web pages are located at http://servername/certsrv, where servername is the name of the server that hosts the certification authority.

For detailed information about certificates, see this Microsoft Web site. For information about how to obtain a server certificate for a certificate server, see this Microsoft Web site.

To submit an advanced certificate request

  1. On your development workstation running Platform Builder, open Internet Explorer.

  2. In Internet Explorer, open http://<ServerName>/certsrv, where ServerName is the name of the Windows 2000 or Windows Server 2003 Web server where the certification authority that you want to access is located. The certsrv part of the URL should always be in lowercase letters.

  3. Choose Request a certificate.

  4. Choose advanced certificate request.

  5. Choose Create and submit a request to this CA.

  6. Enter any identifying information that is requested and set any other options that you must have.

    Field Description

    Name

    Set this field to the name of the server that requires the certificate.

    Type of Certificate Needed

    Set this field to "Server Authentication Certificate"

    Key Options

    Select the following check boxes:

    • Mark keys as exportable
    • Export keys to file
    • In the Full path name field: Enter a name for the private key (.pvk) file. This file will be saved on your hard disk drive.

  7. Choose Submit.

  8. Acknowledge all the security warnings that appear.

  9. In the Create Private Key Password dialog box, enter a password for the private key, and choose OK.

  10. If Auto-approval is configured, the Certificate Issued page appears. On the Certificate Issued page, choose Download the certificate and save the certificate (.cer) file to your hard disk drive.

    If Auto-approval is not configured, go to http://servername/certsrv and view the status and download section, so that you can approve the certificate.

The private key (.pvk file) and the certificate (.cer file) are now stored on the hard disk drive of your development workstation. You can now install the certificate on the Windows Embedded CE-based device that functions as the Web server. For more information, see Installing the Certificate on a Windows Embedded CE-based Web Server.

See Also

Concepts

How to Set Up a Server Certificate for a Windows Embedded CE Web Server