LDAP Feature for the Remote Console Switch
188
a
Select
Start - Control Panel - Add or Remove Programs.
b
Select
Add/Remove Windows Components
.
c
In the Windows Components Wizard, select the
Certificate Services
check box.
d
Select
Enterprise root CA
as CA Type and click
Next
.
e
Enter Common name for this CA, click
Next
, and click
Finish
.
2
Enable SSL on each of your domain controllers by installing the SSL
certificate for each controller.
a
Click
Start - Administrative Tools - Domain Security Policy
.
b
Expand the Public Key Policies folder, right-click
Automatic
Certificate Request Settings
and click
Automatic Certificate
Request
.
c
In the Automatic Certificate Request Setup Wizard, click
Next
and
select
Domain Controller
.
3
Click
Next
and click
Finish
.
A certificate/private key file can be created using openssl using Linux.
Openssl can be downloaded from
openssl.org
. Any instructions below with
text in <> is where a user would need to set a value based on the criteria at
the end of that line.
To create a certificate to import:
1
From the Linux command prompt, type openssl and hit Enter. The user
should be at the OpenSSL prompt.
OpenSSL> genrsa -out privatekey.pem <512>
Generating RSA private key, 512 bit long modulus
..........++++++++++++
.....++++++++++++
e is 65537 (0x10001)
OpenSSL> req -new -key privatekey.pem -x509 -out certificate.pem-batch
-days <365>