Windows Azure - Creating a x509 Management Certificate in Azure Portal: Part 1

Introduction:

In this article we are going to see how to create a new x509 Management Certificate using IIS 7.

Overview:

This article will give an overview of how to create a X509 Management Certificate and add it to the Windows Azure Management Portal to the hosted services. In our earlier article we have seen how to create a service certificate using the Publish options with Visual Studio 2010, this is the second type of the certificate which we will see how to create and use it in our process. Let us jump start to see the step by step process of creating the certificate and deploying it in Windows Azure using the Management Portal.

Steps:

Open IIS 7 but Start –> run –> inetmgr as shown in the screen below:

image

We can see IIS 7 is opened and all the components are listed as shown in the screen below.

image

In the components listed select the Server Certificates, and we can see the options to manage the servers as well in the right corner as shown in the screen below.

image

Double-click on the Server Certificates to open a tab which has the list of certificates installed to the environment. In the right side menu we can see an option to create a Self Signed Certificate as shown in the screen below.

image

Clicking on Create Self-Signed Certificate will open a window asking for the friendly name for the certificate as shown below. Provide a friendly name (Note it should be used in later sections) so provide some name which will be remembered.

image

We can see an item added to the list after creating the friendly name for the certificate as highlighted in the screen below. We can see the Expiration date of the certificate (1 Year valid).

image

Now we are done with the IIS section and we can close the IIS and go back to Start –> Run –> and give Certmgr as shown in the screen below.

image

This certificate manager will open a window with a list of all the certificate options as shown in the screen below. Now click on the Trusted Root Certificate Authorities as shown in the screen below:

image

We can see a Sub Folder as Certificates and clicking on Certificates will show up all the certificates available in the environment as shown in the screen below.

image

Now go the Friendly Name filter and search for the certificate which we created as highlighted in the screen below.

image

Now right click on our certificate and go to All Task and select Export option as shown in the screen below:

image

A wizard window opens and we can see the option to copy certificates  stored on our local environment as shown in the screen below.

screenshot_02

Clicking on Next will open an option to select how to do the export for the Private Key. Here we select No, do not export the private key option as shown in the screen below and click on Next button.

image

Now we can see some encryption method used to do the export, by default it will be selected DER Encoded binary X.509 as shown in the screen below. We can use the same to do the encoding and click on the Next button.

image

Clicking the Next button will move to the next window where we are asked to select the certificate location to export the certificate , as per our convenience we can select it to any folder. Here we have selected the desktop to save the certificate file as shown in the screen below.

image

Clicking the next button will open a summary of the options selected as shown in the screen below.

image

Clicking on Finish will show that the export has been completed successfully as shown in the screen below:

image

Now we can see a .cer file available in the desktop with the name we created as shown in the screen below.

image

Conclusion:

In this article we have seen how to create a x509 management certificate using IIS 7.0, in the coming article we will see how to add the certificate to the Windows Azure Management Portal.


Similar Articles