When I try to import a server certificate from firefox I receive the
following message:
This personal certificate can't be installed because you do not own the
corresponding private key which was created when the certificate was
requested.
Steps to reproduce the problem
Step 1: Generate a certificate request for windows server 2003
Create the .inf file. to create the certificate request.
;----------------- request.inf -----------------
[Versión]
Signature="$Windows NT$
[NewRequest]
Subject = "CN = < fqdn de DC >"; Reemplazar por el FQDN del controlador
de
dominio
KeySpec = 1
KeyLength = 1024
; Puede ser 1024, 2048, 4096, 8192 y 16384.
; Tamaños de clave mayores son más seguros, pero tienen
; un mayor impacto en el rendimiento.
Exportable = TRUE
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0
[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1 ; Esto es para la autenticación de servidor
;-----------------------------------------------
Step 2: Create the request file. To do this, type the following command at
the command prompt, and then press ENTER:
certreq -new request.inf request.req
Step 3: Submit the request to a CA.
Step 4: We approve the certificate from the administrator of dog tag
Step 5: We click on the retrieve tab then on list certificate then we look
for our certificate and click on the button import your certificate.
Show us the following message
How can I solve the problem?