Installing certificates for signing web service authorizations and deployment packages

You must install a certification for each of the following purposes:

• Signing the web service authorizations.
• Signing deployment packages and InForm web service authorizations on the Central Designer server.

Install certificates to the LOCAL_MACHINE\MY store. Each certificate in the certification path must be 2048 bytes. For more information about converting existing certificates, see the Microsoft support website.

The Central Designer installation process grants Full Control to access the certificate private keys to the IIS AppPool\DefaultAppPool user and the NETWORK SERVICE user.

If a user other than the IIS AppPool\DefaultAppPool user is running the DefaultAppPool application pool, you must grant the user Full Control to access the private keys, or the user is unable to sign using the certificates.This content is used in the STEP Certificate for web service authorizations topic.

For each certificate:

1. Open the Microsoft Management console:
   1. Open a Command Prompt window.
   2. Enter mmc, and then press Enter.
2. Select File > Add/Remove Snap-in.

   The Add or Remove Snap-ins dialog box appears.

3. In the list of available snap-ins, select Certificates.
4. Click Add.

   The Add dialog box appears.

5. Click Computer account.
6. Click Next.
7. Click Local Computer.
8. Click Finish.
9. Click OK.
10. In the left pane of the console, select Certificates (Local Computer).
11. Right-click the Personal folder.
12. Select All Tasks > Import.

    The Certificate Import Wizard appears.

13. Click Next.
14. Click Browse, and select the PFX file provided by the certificate vendor.

    You are prompted for a password.

15. Enter the password for the PFX file.
16. Click Next to accept the default options for the remaining wizard pages.
17. Click Finish.

    The new certificate appears in the displayed list.

18. In the left pane, select Personal > Certificates.
19. Right-click the certificate and select All Tasks > Manage Private Keys.
20. If a user other than the IIS AppPool\DefaultAppPool user is running the DefaultAppPool application pool, select that user and grant them Full Control.
21. Click OK.

Copyright © 2007, 2016 Oracle and/or its affiliates. All rights reserved.