Sign the certificate request by the Certification Authority

In this step, the Certification Authority converts the certificate request to a real certificate by signing/issuing the request.

Click Start, All Programs, Administrative Tools, Certification Authority. The MMC shows the Certification Authority snap-in. Select the Certification Authority and select menu option All tasks, Submit new request….

Browse to the file that contains the certificate request ldapcert.req and submit the request. If the computer that runs the LDAP Server and the computer that runs the Certification Authority are not connected, you need to use a diskette or memory stick to access the file.

The request is now processed by the Certification Authority. When ready the request can be selected from the section with Pending Requests.

Figure 48: Issue the submitted certification request.

Select menu option Issue to accept the request. The certificate is then stored in the section Issued Certificates. Select the certificate from the section Issued Certificates and select menu option Open.

Figure 49: Result certificate, issued by the Certification Authority.

Click on the Details tab and select the button Copy to File… to export the certificate to a file. Follow the wizard instructions. When asked, select the format Base-64 encoded binary X.509 (.CER). For the name of the file, select ldapcert.cer. Complete the wizard.

Before the certificate can be installed on the domain controller, the root certificate of the Certification Authority must be installed on the domain controller.