Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

How to create and to import certificates for use by Groove Data Bridge Server 2007


View products that this article applies to.

Introduction

This article describes how to create and to import certificates for use by Microsoft Office Groove Data Bridge Server 2007.

↑ Back to the top


More information

How to create a certification authority on a computer that is running Windows Server 2003

  1. Click Start, click Run, type appwiz.cpl, and then click OK.
  2. Click Add/Remove Windows Components.
  3. Click Certificate Services. You receive the following message:
    After you install Certificate Services, the computer name and domain membership may not be changed due to the binding of the machine name to CA information stored in the Active Directory. Changing the machine name of domain membership would invalidate the certificates issued from the CA. Please ensure the proper machine name and domain membership are configured before installing Certificate Services. Do you want to continue?
  4. If you are sure that the computer name and the domain membership do not have to be changed, click Yes, and then click Next.
  5. Click Stand-alone root CA, and then click Next.
  6. Enter the information in the Common name for this CA field and in the Validity period field, and then click Next.
  7. Enter locations for the certificate database, the database log, and the configuration information, and then click Next.

    Alternatively, click Next to accept the default values.
  8. Click Yes when you receive the following message:
    To complete the installation, Certificate Services must temporarily stop Internet Information Services. Do you want to stop the service now?
  9. When you are prompted for the Windows Server 2003 installation files, provide a source for the files to complete the installation.
  10. Click Finish.

How to create a certification authority on a computer that is running Windows Server 2008

  1. Click Start, and then select Server Manager.
  2. Under Roles Summary, click Add roles.
  3. In the Add Roles Wizard, click Active Directory Certificate Server in Select Server Roles, and then click Next.
  4. In Role Services, click Certificate Authority Web Enrollment. When you are prompted to add role services, click Add Required Role Services.
  5. Complete the wizard. You can customize settings or accept the default settings.
Note If the certification authority is running on Windows Server 2008, you must add the certification authority to the list of trusted sites.

How to use the certificates on the server that is running Data Bridge Server 2007

  1. Download and then import a certification authority certificate to the Data Bridge Server 2007 server. To do this, follow these steps:
    1. In Internet Explorer, visit the following Web site:
      http://ComputerName/certserv
      Do this to connect to Active Directory Certificate Services on the computer on which you configured Certificate Services.
    2. Click Download a CA certificate, certificate chain or CRL.
    3. Open the certificate, and then click Install certificate.
    4. Click Next.
    5. Click Place all certificates in the following store, and then click Browse.
    6. Click Show physical stores, expand Trusted Root Certification Authorities, click Local Computer, and then click OK.
    7. Click Next, and then click Finish.
  2. Request a certificate to export to the Data Bridge Server 2007 server. To do this, follow these steps:
    1. In Internet Explorer, visit the following Web site:
      http://ComputerName/certserv
      Do this to connect to Active Directory Certificate Services on the computer on which you configured Certificate Services.
    2. Click Request a certificate.
    3. Click advanced certificate request, and then create a request to this certification authority by clicking to select the following check boxes:
      • Mark keys as exportable
      • Enable strong private key protection
    4. Click Yes when you receive the following message:
      Do you want to request a certificate now?
    5. Click OK.
    6. On the Certificate Issued page, click Install this certificate.
    7. In Internet Explorer, click Internet Options on the Tools menu, and then click the Content tab.
    8. Under Certificates, click Certificates, locate and then click the certificate that you installed, and then click Export.
    9. In the Certificate Export Wizard, click Yes, export the private key, and then click Next.
    10. Create a name for the file. You may want to use the same name as the certificate name. The certificate name must match the member name that you will create later in Groove Management Server. Additionally, when you use the same name for the file, the file will be easier to associate with the correct certificate.

      Accept the defaults for other values.
    11. Click OK. The exported certificate appears on the desktop. To use the certificate, you must import it to the Data Bridge Server 2007 server. To do this, go to step 3.
  3. Import the certificate to the Data Bridge Server 2007 server. To do this, follow these steps:
    1. Start Microsoft Management Console.
    2. On the File menu, click Add/Remove Snap-in.
    3. Click Add.
    4. In the Add Standalone Snap-ins dialog box, click Certificates, and then click Add.
    5. Click Computer account, and then click Next.
    6. Click Local Computer, and then click Finish.
    7. Click OK, and then click Close.
    8. From Console Root, expand Certificates (Local Computer), right-click Personal, point to All tasks, and then click Import.
    9. Click Next.
    10. Click Browse, locate and then click the certificate, and then click Open.
    11. Click Next.
    12. Click Place all certificates in the following store, click Browse, click Personal, and then click Next.
    13. Click Finish.

      Note After you have successfully exported and imported the certificate, you can remove the certificate. To do this, follow these steps:
      1. In Internet Explorer, click Internet Options on the Tools menu.
      2. Click the Content tab, and then click Certificates.
      3. Select the certificate that you want to remove, and then click Remove.
  4. Create a managed Groove domain identity that can run Data Bridge Server 2007 as a service. To do this, follow these steps:
    1. In Internet Explorer, visit the following Web site:
      http://ServerName/gms
      Do this to connect to the Groove Management Server.
    2. Expand the Groove domain that will use the certificate.
    3. In the domain, click Members.
    4. On the Members tab, click Add Members.
    5. Click Add Single Member, and then click Next.
    6. In the Select Member Settings dialog box, click Next.
    7. In the Add Single Member dialog box, enter the required information, and then click Finish to create the member.

      Note You may want to use an administrative address for the e-mail address so that workspace managers can obtain a point of contact from the member properties.

      Data Bridge Server 2007 can now run as a service.

↑ Back to the top


Keywords: KB928146, kbexpertiseadvanced, kbhowto

↑ Back to the top

Article Info
Article ID : 928146
Revision : 2
Created on : 12/11/2006
Published on : 12/11/2006
Exists online : False
Views : 506