Step 5a: Creating the MDM Gateway Certificate Request and Certificate

2/9/2009

Follow these steps to request, create, and install a certificate for Mobile Device Manager Gateway Server. You perform these procedures from a computer that is running MDM Gateway Server, and from any domain-joined server that has access to the certification authority. Complete steps 1 through 5 on MDM Gateway Server. Complete steps 6 and 7 on a domain-joined computer, and then steps 7 and 8 on MDM Gateway Server.

To create the MDM certificate request and MDM Gateway certificate, and then install the certificate

  1. On the server on which you want to install MDM Gateway Server, start Notepad, and then manually type the following information:

    [NewRequest]
    Subject = "CN=GatewayServerFQDN"
    MachineKeySet = True
    KeySpec = 1

    Note

    You must manually type the previous text into Notepad. Do not use Copy and Paste for this procedure. In the Subject field, type the FQDN for MDM Gateway Server. This must match the DNS entry in internal DNS that the MDM Device Management Server uses to connect with MDM Gateway Server. This is the same DNS entry that you enter in the Add MDM Gateway Wizard.

  2. On the File menu, choose Save As, in the File name box, type GatewayCertReq.inf, and then save the file to the desktop.

  3. Open a Command Prompt window and then type the following command:

    certreq -new GatewayCertReq.inf GatewayCertReq.txt
    

    Note

    At the command prompt, you must first change to the directory where the file GatewayCertReq.inf resides.

  4. Press ENTER.

  5. The previous command will create the request file, GatewayCertReq.txt. This file should be created and stored in the same directory as the GatewayCertReq.inf file.

  6. Copy the GatewayCertReq.txt file to a domain-joined server. Put the file into any secure directory, open a Command Prompt window, and then move to the directory where GatewayCertReq.txt is located. Type the following command:

    certreq -submit -attrib "CertificateTemplate:SCMDMWebServer (<instance name>)" GatewayCertReq.txt GatewayCert.cer
    
  7. Press ENTER. A dialog box may appear that instructs you to choose a certification authority. In the list, select your designated certification authority and then choose OK. This will create the Gateway certificate. You must put the newly created .cer file on the computer that is running MDM Gateway Server.

  8. On the server on which you want to install MDM Gateway Server, open a Command Prompt window, and then type the following command:

    certreq -accept GatewayCert.cer
    

    Note

    This command will import the newly created MDM Gateway Certificate into the Personal Certificate Store. At the command prompt, you must first change to the directory where the file GatewayCert.cer resides.

  9. Press ENTER and then close the Command Prompt window.
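
The following PowerShell script is an added example, not part of the original procedure. Run without `-Installed` before step 3, it checks GatewayCertReq.inf for typographic quotes or dashes and for the four expected entries; run with `-Installed` after step 9, it confirms that the certificate is in the local computer's Personal store with its private key and a current validity period. The FQDN default and the function names are placeholders and assumptions.

```powershell
# Added example, not part of the original procedure. Function names are hypothetical.
param(
    [string]$GatewayFqdn = 'gateway.example.internal',  # placeholder FQDN (assumption)
    [string]$InfPath     = '.\GatewayCertReq.inf',
    [switch]$Installed                                  # set after step 9
)

# Before step 3: flag curly quotes, long dashes and missing keys in the request file.
function Test-RequestInf([string]$Path) {
    $ok = $true
    $lines = @(Get-Content -Path $Path)
    for ($i = 0; $i -lt $lines.Count; $i++) {
        if ($lines[$i] -match '[^\x00-\x7F]') {
            Write-Warning ("Line {0}: non-ASCII character in: {1}" -f ($i + 1), $lines[$i])
            $ok = $false
        }
    }
    $required = '^\s*\[NewRequest\]\s*$',
                '^\s*Subject\s*=\s*"CN=[^"]+"\s*$',
                '^\s*MachineKeySet\s*=\s*True\s*$',
                '^\s*KeySpec\s*=\s*1\s*$'
    foreach ($pattern in $required) {
        if (-not ($lines -match $pattern)) {
            Write-Warning "Missing or malformed entry, expected match for: $pattern"
            $ok = $false
        }
    }
    return $ok
}

# After step 9: MachineKeySet = True means the key pair lives in the computer context,
# so the accepted certificate is expected in Cert:\LocalMachine\My.
function Test-GatewayCertificate([string]$Fqdn) {
    $subject = '^CN=' + [regex]::Escape($Fqdn) + '(,|$)'
    $found = @(Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -match $subject })
    if ($found.Count -eq 0) { Write-Warning "No certificate for CN=$Fqdn in LocalMachine\My"; return $false }
    $now = Get-Date
    $ok = $false
    foreach ($cert in $found) {
        Write-Host ("{0} privateKey={1} valid {2:yyyy-MM-dd} to {3:yyyy-MM-dd} issuer={4}" -f `
            $cert.Thumbprint, $cert.HasPrivateKey, $cert.NotBefore, $cert.NotAfter, $cert.Issuer)
        # A usable certificate has its private key bound and is inside its validity period.
        if ($cert.HasPrivateKey -and $cert.NotBefore -le $now -and $cert.NotAfter -ge $now) { $ok = $true }
    }
    return $ok
}

if ($Installed) { $result = Test-GatewayCertificate $GatewayFqdn } else { $result = Test-RequestInf $InfPath }
if (-not $result) { exit 1 }
```

A certificate that is listed with `privateKey=False` usually means `certreq -accept` was run on a computer other than the one that created the request in step 3.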