Creating a DPS or an Application Server certificate

You create the certificate that is based on the service type. You should verify that the service type that you select creates the appropriate certificate. You can create certificates for either the Data Processing Service (DPS) or Application Server.

When the certificate file is created, the file name uses the service name and the host name of the certificate. You cannot use the comma character in the certificate file name. The certificate file is created with a .p12 extension.

You can create multiple certificates. Certain property fields are used as default information from the previous certificate, but all of the fields can be edited. Every field in the Create Certificates dialog box is required. The information that you provide in the certificate is not validated. You should verify that the information is accurate. You must have local administrator rights to create a certificate and you must be a CCS administrator and know the root certificate password.

You are not prompted for a root certificate password if the following events have occurred:

You can find a list of the country codes at:

http://www.iso.org/iso/country_codes/iso_3166_code_lists/english_country_names_and_code_elements.htm

The Certificate Management console fails to create certificates on a Microsoft Windows Server 2008 unless the console is run as the administrator.

To create a DPS or an Application Server certificate

  1. Click Start > All Programs > Symantec Control Compliance, and select Certificate Management Console

  2. You may be prompted to provide the Root Certificate Password.

    The Root Certificate password is created during installation.

  3. Click OK.

  4. In the Certificate Management Console toolbar, click Create Certificates.

  5. In the Create Certificate dialog box, in the Service Type area, do one of the following:

    • Click AppServer

    • Click DPS

    The default selection is DPS.

  6. In the Expired In field, select the number of years.

    The default value is 25.

  7. In the Organization field, provide a name.

    You can change the default name during certification creation.

  8. In the Division field, provide a name.

    You can change the default name during certification creation.

  9. In the City field, provide a name.

    You can change the default name during certification creation.

  10. In the State/Province field, provide a name.

    You can change the default name during certification creation.

  11. In the Country field, provide a name.

    You can change the default code during certification creation.

  12. In the NetBIOS Name field, provide the name.

    The NetBIOS Name must be less than 15 bytes in length.

  13. In the FQDN field, provide the name.

  14. In the IP Address field, provide the information.

  15. Click plus(+) sign to add multiple TCP/IP addresses, if needed.

  16. In the Destination folder field, provide the location for the saved certificate file.

    You can browse to select the location.

  17. In the Password field, type a password.

  18. In the Retype Password field, type the same password to confirm the spelling.

  19. Click Create Certificate.

  20. In the Success message box, click OK.

  21. In the Create Certificate message box, click Yes to create another certificate, if needed.

More Information

Using the Certificate Management console

Managing certificates

Renewing certificates

Revoking certificates

Removing revoked certificates