Tuesday, October 27, 2009

Building a Complete Certificate Scenario With BizTalk Server 2006




I’m working on a BizTalk project where we’re testing the use of security certificates, and
I’ve just had a bear of a time finding thorough walkthroughs of setting this up. It’s barely
mentioned in the available BizTalk books, and while the BizTalk 2004 whitepaper (which
has now been added to the BizTalk 2006 documentation) has some very nice coverage,
it wasn’t exactly what I wanted. So, after much toil (and threats of lighting myself on
fire), I present a step-by-step for building a certificate scenario using test certificates.
I’ve used the .NET Framework tool makecert to build local test certificates. The hardest
part for me was getting the correct series of command line parameters to build the cert
I wanted. I finally put together one that worked:
makecert -r -pe -n "CN=www.seroter.com" -b 02/01/2007 -e 01/01/2036 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr currentuser -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
For a description of the available parameters, check out the MSDN page for makecert.
What this did was create a (self-signed) certificate and place it in my “current user”
personal store.
You can see from the shot here that the certificate’s private key is included.

So first, I exported the private key certificate. To do this, I selected the certificate,
right-clicked, and chose Export. As you can see below, I chose “Yes, export the private
key” and created the .pfx file.
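
The same private-key check and .pfx export can be done from a PowerShell prompt. This is an added example, not part of the original post; it assumes a Windows version that ships the PKI module (Export-PfxCertificate), and the output path is a placeholder.

```powershell
# Added example: inspect the makecert-generated certificate, then export it as a .pfx.
# Assumptions: PKI module available; $pfxPath is a hypothetical output location.
$subject   = 'CN=www.seroter.com'                    # subject passed to makecert with -n
$serverEku = '1.3.6.1.5.5.7.3.1'                     # OID passed to makecert with -eku
$pfxPath   = Join-Path $env:TEMP 'seroter-test.pfx'  # placeholder path

# makecert used "-sr currentuser -ss my", so look in the CurrentUser\My store.
# If the command was run more than once, take the most recently issued match.
$cert = Get-ChildItem Cert:\CurrentUser\My |
    Where-Object { $_.Subject -eq $subject } |
    Sort-Object NotBefore -Descending |
    Select-Object -First 1
if (-not $cert) { throw "No certificate with subject '$subject' in CurrentUser\My" }

# Without a private key in the store there is nothing to put in a .pfx.
if (-not $cert.HasPrivateKey) {
    throw "Certificate $($cert.Thumbprint) has no associated private key"
}

# Collect the enhanced key usage OIDs actually present on the certificate.
$ekuOids = $cert.Extensions |
    Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
    ForEach-Object { $_.EnhancedKeyUsages } |
    ForEach-Object { $_.Value }

# Summarize what the makecert switches should have produced.
[pscustomobject]@{
    Thumbprint    = $cert.Thumbprint
    SelfSigned    = ($cert.Subject -eq $cert.Issuer)   # expected with -r
    HasPrivateKey = $cert.HasPrivateKey
    HasServerEku  = ($ekuOids -contains $serverEku)    # expected with -eku
    NotBefore     = $cert.NotBefore                    # from -b
    NotAfter      = $cert.NotAfter                     # from -e
} | Format-List

# Export certificate plus private key. This only succeeds because -pe marked
# the key as exportable. The password is prompted, never written to the script.
$password = Read-Host -Prompt 'Password to protect the .pfx' -AsSecureString
Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $password | Out-Null
Write-Host "Exported to $pfxPath"
```

The resulting .pfx holds the private key, so store it with restricted file permissions and remove it once it has been imported where it is needed.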
