SharePoint Pals
 | Sign In
Creating a Domain Certificate from Certificate Authority through IIS Server
by Sathish Nadarajan 3 Jan 2014
SharePoint MVP
Today  :   13     Total  :    20784

In the previous article, we saw how to install ADCS and convert our Windows Server 2008 R2 into a Certification Authority Server. In this post, let us see, how to use that CA to issue certificate for us.

There are 2 ways to create the certificate using CA. In this article, let us see one through IIS Server.

Approach I – Through IIS:

In this Approach, the same as that of creating a Self-Signed Certificate, we can also create a Domain Certificate as well. Only thing is, Active Directory Certificate services should be installed on the Domain. If it is not properly installed, then we cannot create a Domain Certificate. Though we are able to see the link to Create Domain Certificate from the IIS, we cannot create. Let us see, how we cannot Create first.

Let us go to the IIS Server.


On the Right Pane, we can see the option to Create Domain Certificate. Click that one.


We need to give all the necessary information. Then only Next Button will get enabled.

For documentation purpose, am giving test in all the fields.


When I press Next, the next screen would be



Since, there is no CA installed, we cannot proceed further.

Let us see, if the CA is installed, (the screen shots were taken from a different environment. Hence the name of the servers will not match with the previous ones)

Now, the Certification Authority Selection Button will be enabled.


Select the CA which we installed already.


Give a Friendly Name and click Finish


The certificate got Created.


The major difference, which I thought of explaining is, the “Issued To” field. This field is coming from the Common Name which we gave on the First Screen. For reference, the same is pasted here.


Hence, if we want a certificate against any specific machine, then we need to give the machine name or the full name of the machine (along with the domain) on the Common Name Field. The other fields, doesn’t have much impact.

And much more important difference is renewal.

On the below screen shot,


Only the “Test” is domain Certificate. The remaining 2 are Self-Signed Certificate. To identify them, select and Right click on the Certificate. You cannot find an option for renew. Only Domain Certificates can be renewed. Self-Signed Certificates cannot be renewed.



As I mentioned, there are 2 ways to Create a domain Certificate. In this post, we saw one of the approach. The second approach, we will see in the upcoming posts. Thanks.

Happy Coding.

Sathish Nadarajan.

blog comments powered by Disqus

SharePoint Pals

SharePoint Pals, a community portal for SharePoint developers, Administrators and End Users. Let's join hands and share the point together.
Read this on mobile


Angular Js Training In Chennai
Advanced Angular Js training with real world developer scenarios
Angular Js, Web Api and Ionic for .Net Developers
All in one client side application development for .Net developers
Angular Js For SharePoint Developers
Get ready for the future. Its no more just C#

Get Connected

SharePoint Resources

SharePoint 2013 and 2010 Web Parts
Free Web Parts with Source Code for SharePoint Community

SharePoint 2013 Books and Tutorials
Collection of free SharePoint 2013 books and tutorials (eBooks, pdfs)

Supported By

Contribute your article and be eligible for a one month Free Subscription for Plural Sight. The Author of the most popular New Article (published in the previous month) will be awarded with a Free One month Plural Sight Subscription. Article can be sent to in a word document.

Related Resources

Recent Tweets

Twitter January 15, 00:25
How To Enable Target Value And Actual Value In #D3 Gauge Chart

Twitter January 15, 00:24
How To Open #SharePoint List Hyperlink Column In Modal #Popup Window

Twitter January 15, 00:24
Quick Introduction To #Asp.NetCore And It’s Features

Twitter January 15, 00:22
How To Configure #PerformancePoint Services To Use Secure Store In #SharePoint 2013

Twitter January 15, 00:21
How To Block Or Disable #Office365 Services

Follow us @SharePointPals
Note: For Customization and Configuration, CheckOutRecent Tweets Documentation