You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/firewall/premium-deploy-certificates-enterprise-ca.md
+11-11Lines changed: 11 additions & 11 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -31,24 +31,24 @@ To use an Enterprise CA to generate a certificate to use with Azure Firewall Pre
31
31
## Create a new Subordinate Certificate Template
32
32
33
33
1. Run `certtmpl.msc` to open the Certificate Template Console.
34
-
2. Find the "Subordinate Certification Authority" template in the console.
35
-
3. Right-click on the "Subordinate Certification Authority" template and select "Duplicate Template".
36
-
4. In the "Properties of New Template" window, go to the "Compatibility" tab and set the appropriate compatibility settings or leave them as default.
37
-
5. Go to the "General" tab, set the "Template Display Name" (e.g., "My Subordinate CA"), and adjust the validity period if necessary. Optionally, check the "Publish certificate in Active Directory" checkbox.
38
-
6. In the "Settings" tab, ensure the required users and groups have read and enrol permissions.
39
-
7. Navigate to the "Extensions" tab, select "Key Usage", and click "Edit".
40
-
- Ensure that the "Digital signature", "Certificate signing", and "CRL signing" checkboxes are checked.
41
-
-Check the "Make this extension critical" checkbox and click "OK".
42
-
:::image type="content" source="media/premium-deploy-certificates-enterprise-ca/certificate-template-key-usage-extension.png" alt-text="Screenshot of certificate template key usage extensions":::
43
-
8.Click "OK" to save the new certificate template.
34
+
2. Find the **Subordinate Certification Authority** template in the console.
35
+
3. Right-click on the **Subordinate Certification Authority** template and select **Duplicate Template**.
36
+
4. In the **Properties of New Template** window, go to the **Compatibility** tab and set the appropriate compatibility settings or leave them as default.
37
+
5. Go to the **General** tab, set the **Template Display Name** (for example: `My Subordinate CA`), and adjust the validity period if necessary. Optionally, select the **Publish certificate in Active Directory** checkbox.
38
+
6. In the **Settings** tab, ensure the required users and groups have read and `enrol` permissions.
39
+
7. Navigate to the **Extensions** tab, select **Key Usage**, and select **Edit**.
40
+
- Ensure that the **Digital signature**, **Certificate signing**, and **CRL signing** checkboxes are selected.
41
+
-Select the **Make this extension critical** checkbox and select **OK**.
42
+
:::image type="content" source="media/premium-deploy-certificates-enterprise-ca/certificate-template-key-usage-extension.png" alt-text="Screenshot of certificate template key usage extensions.":::
43
+
8.Select **OK** to save the new certificate template.
44
44
9. Ensure the new template is enabled so it can be used to issue certificates.
45
45
46
46
## Request and export a certificate
47
47
48
48
1. Access the web enrollment site on the Root CA, usually `https://<servername>/certsrv` and select **Request a Certificate**.
49
49
1. Select **Advanced Certificate Request**.
50
50
1. Select **Create and Submit a Request to this CA**.
51
-
1. Fill out the form using the Subordinate Certification Authority template created in previous section.
51
+
1. Fill out the form using the Subordinate Certification Authority template created in the previous section.
52
52
:::image type="content" source="media/premium-deploy-certificates-enterprise-ca/advanced-certificate-request.png" alt-text="Screenshot of advanced certificate request":::
53
53
1. Submit the request and install the certificate.
54
54
1. Assuming this request is made from a Windows Server using Internet Explorer, open **Internet Options**.
0 commit comments