Create your own self-signed certificate using MakeCert, which is Microsoft’s
certificate creation tool that exists in Windows.
- Open a command prompt and enter the following
command: makecert -b 01/01/1999 -r -pe -n "CN=< Certificate
Name>" -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.3,1.3.6.1.4.1.311.10.3.1
-cy authority -sv AgentryServerAuthorityCertificate.pvk AgentryServerAuthorityCertificate.cer
- Create a new certificate for the Agentry
Server's
authentication by entering: makecert -b 01/01/1999 -pe -n
"CN=< Certificate Name>" -eku 1.3.6.1.5.5.7.3.1 -ic AgentryServerAuthorityCertificate.cer
-iv AgentryServerAuthorityCertificate.pvk -sky exchange -sv AgentryServer.pvk AgentryServer.cer
- Convert the certificate to a PFX file. In the command
prompt enter: pvk2pfx -pvk AgentryServer.pvk -spc AgentryServer.cer
-pfx AgentryServer.pfx -po SAP -pi SAP pvk2pfx -pvk AgentryServerAuthorityCertificate.pvk
-spc AgentryServerAuthorityCertificate.cer -pfx <NewAgentryServer>.pfx
-po SAP -pi SAP where <NewAgentryServer> can
be any unique name for the new PFX file.
An example of a unique PFX name is NewAgentryServer.pfx.
- Create a signing certificate trust list by entering: makectl
-u 1.3.6.1.4.1.311.2.2.3 AgentryServerAuthorityCertificate.cer AgentryServerAuthorityCertificate.stl
signtool sign -u 1.3.6.1.5.5.7.3.3 -d "Root Certificate for Un-Authenticated
Agentry Servers" -r "Agentry Server (Self Signed)" -f <NewAgentryServer>.pfx
-p <password> AgentryServerAuthorityCertificate.stl where <password> is
your password for the new certificate.
- Create a trusted certificate list by entering: certmgr
-add -all -ctl AgentryServerAuthorityCertificate.stl AgentryTrustedCertificates.sst certmgr
-add -all -c AgentryServerAuthorityCertificate.cer AgentryTrustedCertificates.sst
- Copy the PFX file into the directory where the Agentry
Server instance
for the application is located.
- Copy the new AgentryTrustedCertificates.sst to
the Agentry
Client installation
folder to replace the original AgentryTrustedCertificates.sst file
installed with the Client.
- Restart the Server and the Client.
- Log in to the Sever using the Client.