This article will guide you through the process of applying a self-signed (Internal CA) SSL certificate in ADSelfService Plus.
Note: If you already have an SSL certificate, skip to Step 4.
1. Click the SSL Certification Tool button.
2. Click Generate Certificate and fill in all the necessary fields. Refer to the table below:
3. Once you’ve entered all the details, click the Generate CSR
Step 3: Submit the generated CSR file to your Certification Authority
- When you click the Generate CSR button, two files—SelfService.csr and SelfService.keystore—will be generated.
- You can locate the SelfService.csr file in <Installation_directory>\webapps\adssp\certificates folder and the SelfService.keystore file in <Installation_directory>\jre\bin folder.
- Submit the SelfService.csr file to your Certification Authority (CA).
- Log in to Microsoft Certificate Services (https:\\server-name\certsrv).
- Click Request a Certificate → Advanced Certificate Request.
6. Click Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.
7. Paste the contents of your SelfService.csr file in the Saved Request field.
8. It's always recommended to open the CSR file from its native location using a text editor rather than opening from the browser.
9. When you copy the contents of SelfService.csr file, please ensure that no additional space from the end of the file is also copied along with it.
10. Set the certificate template as Web Server and click Submit.
11. In the Certificate Issued page that appears, select DER encoded.
- Click Download certificate to download the certificate in CER file format.
- Click Download certificate chain to download the certificates in a P7B file format.
12. Place the certificate files at <Installation_directory>\jre\bin.