The next step in creating a mutual trust relationship is verifying your approval and installing your client authentication certificate. Your IIS web server must have the client authentication certificate installed first before installing it on any SharePoint central administration or web front-end (WFE) servers.
Verify the status of your certificate request using the same IIS web server and Web browser from which you submitted the request. If your certificate is approved, install the certificate on your IIS web server first.
Follow these steps:
https://fully_qualilfied_domain_name_of_server_running_active_directory_certificate_services/certsrv
An example of such a URL is https://certificateauthority.example.com/certsrv.
A list of your certificate requests appears.
The Certificate Issued screen appears. If it does not, contact the certificate administrator in your organization for more information.
A confirmation dialog appears.
The certificate is installed under My User Account on your IIS web server. Continue with the next step of installing the certificate snap-ins on your IIS web server.
The next step for creating a mutual trust relationship between the Claims WS and the CA SiteMinder claims provider is adding the certificate snap-ins.
The following accounts on your IIS web server require the certificate snap-in:
Follow these steps:
The Run dialog appears.
The Microsoft Management console appears.
The Add or Remove Snap-ins dialog appears.
The Certificates snap-in dialog appears.
The Certificates snap-in dialog closes. The Certificates snap-in appears in the Selected snap-ins list.
The Certificates snap-in dialog appears.
The Add or Remove Snap-ins dialog closes. The certificate snap-ins are added.
The next step for creating the mutual trust relationship is exporting the client certificate from the current user certificate store.
The Windows operating environment uses several different locations within the same computer to store certificates. These locations vary depending on the user account type. Installing your client authentication certificate on your IIS web server placed it in the following store:
Export the certificate from the current user certificate store so it can be added to the other certificate stores on the computer.
Follow these steps:
The Run dialog appears.
The Microsoft Management console appears.
A list of certificates appears.
The certificate export wizard opens.
The client certificate is exported. Note the location of the exported certificate. Continue with the next step of importing the certificate into the local computer certificate store.
The next step for creating the mutual trust relationship is importing the client authentication certificate into the local computer certificate store.
Import the client authentication certificate into the following certificate store on your IIS web server.
Follow these steps:
The Run dialog appears.
The certificates folder appears.
The certificate appears.
Copyright © 2013 CA.
All rights reserved.
|
|