Using your own certificate service you will be able request, generate and sign your own certificates. Thus you will not need to request certificates from the public Certificate Authority (CA), such as Verisign, Inc. and pay for it. However, such "home-made" certificates will not be trusted unless the
CA certificate chain is
explicitly added
in the appropriate certificate store
.
To set up your own certificate service:
a)
Click Start -> Control Panel -> Add/Remove Programs.
b)
Check that the Certificate Services are installed, if so continue to step 4.
c)
If Certificate Services are not installed, select Certificate Services and click Next.
d)
Select Stand-alone root CA as the certification authority type, check Advanced options and click Next.
e)
Keep default settings and click Next.
f)
Fill the form (at least CA authority name must be specified) and click Next.
g)
Keep default settings and click Next.
h)
Click Finish.
a)
Click Start -> Control Panel -> Administrative Tools -> Certification Authority.
b)
Right click your certification authority listed under Certification Authority (Local) and click Properties.
c)
Select Policy Module tab and click Configure.
d)
On the Default Action page you can specify whether the administrator must explicitly issue the certificate or whether the certificates are automatically issued. Choose the first option and click OK.
Now the Certificate Service should be correctly installed and configured.