Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Overview

This guide is an indepth guide on how to generate a certificate using the Client Cert Request Util available here.

Note
titleKeeping the same directory

Keeping the Client Cert Request Util in a centralised folder without moving between generating the REQ and KEY files and then returning the Partial Certificate makes things easier. Keeping in a single folder on the desktop or in documents will keep things easier to keep track of.

Request a new certificate

  1. Run the Request Util program and then select Request a new certificate.
    Image Removed
    Image Added

  2. Fill out the fields required with the relevant information, and continue clicking next.
    Image Removed
     Image RemovedImage Added Image RemovedImage AddedImage Added

    Note
    titleCommon Name

    The Common Name field will be what shows up in the Certificate Selection screen in the browser. Can either be shared as a generic user for the practice or company, or can be specified as a certain user.


  3. Click Generate Request, and then click on Save Request and choose a location to save the Request File (.req).
    Image Removed
    Image Added

  4. Anchor
    Key File Password
    Key File Password
    Click Save Key and choose a location to save the Key File (.key). Select a passphrase that will unlock the key upon returning the partial certificate (not the final password for login).
    Image Removed
    Image Added

  5. The saved Request file will need to be combined with the CATool program in order to return the partial certificate to the Client Cert Request Util and corresponding Key file to generate a full certificate.

Complete a returned certificate

  1. Download and move the returned partial certificate.cer file into the original directory that you ran the RequestUtil.exe from as previewed below:
    Image Removed
    Image Added

  2. Run the Request Util program and then select Complete a returned certificate
    Image Removed
    Image Added

  3. Select the corresponding Key file that correctly matches to the returned partial certificate.
    Image Removed
    Image Added

  4. Click on Load Certificate and open the returned partial certificate file.
    Image RemovedImage Removed
    Image AddedImage Added

  5. Enter the password of the Key file that you set earlier in Step 4 of Request a new certificate.
    Image Removed
    Image Added

  6. Click Next.
    Image Removed
    Image Added

  7. From here you can either import the certificate from within the wizard, or export the full certificate and import it once saved as a file.

Import Completed Certificate Request into Windows

Warning
titleWarning

This step is only required if you are using the certificate in Windows on the machine you are on and want to be prompted(This is a safer option) when the certificate is used. Subsection "Export to P12" is recommended instead if you have an automated system that can't supply a password to log into the certificate.


  1. Select Import Completed Certificate Request into Windows.
    Image Removed
    Image Added

  2. Click Set Security Level.
    Image Removed
    Image Added

  3. Change to High, and click Next.
    Image Removed
    Image Added

  4. You will then be required to set a password that will be utilised when using the certificate to login. Once configured, click finish.
    Image Removed
    Image Added

Export to P12

  1. Select Export to P12, and choose a location to save the file, such as the folder you have been working in, and set a password that will unlock the certificate (not the final password).
    Image Removed
    Image Added Image RemovedImage Added Image RemovedImage Added

  2. Double click the saved certificate, which should now start the Certificate Import Wizard (depending on Windows version). Keep Current User selected and click next.
    Image Removed
    Image Added

  3. Leave file name as is, and click next.
    Image Removed
    Image Added

  4. Type in the password used earlier in Step 1. Also would be recommended to tick Enable strong private key protection(Do not do this if you have an automated system that can't supply a password to login to the certificate).
    Image Removed
    Image Added

  5. Select Place all certificates in the following store, and choose Personal. Click Next.
    Image Removed
    Image Added

  6. Click Finish on the next screen to complete the wizard.
    Image Removed
    Image Added

  7. Click Set Security Level.
    Image Removed
    Image Added

  8. Change to High, and click Next.
    Image Removed
    Image Added

  9. You will then be required to set a password that will be utilised when using the certificate to login. Once configured, click finish.
    Image Removed
    Image Added

  10. The final The import was successful prompt should appear.
    Image Removed
    Image Added


Table of Contents
outlinetrue
stylenone