Creating and Applying SSL Certificate to Windows Admin Center 🌱

Prerequisites

Create Your SSL Certificate

  1. Launch XCA
  2. Open the PKI database if it is not already (File > Open DataBase), enter password
  3. Click on the Certificates tab, right click on your Intermediate CA certificate
  4. Select New
  5. On the Source tab, make sure Use this Certificate for signing is selected
  6. Verify your Intermediate CA certificate is selected from the drop down
  7. Click the Subject tab
  8. Complete the Distinguished Name section

    internalName: i12bretrodc.i12bretro.local
    countryName: US
    stateOrProvinceName: Virginia
    localityName: Northern
    organizationName: i12bretro
    organizationUnitName: i12bretro Certificate Authority
    commonName: i12bretrodc.i12bretro.local

  9. Click the Generate a New Key button
  10. Enter a name and set the key size to at least 2048
  11. Click Create
  12. Click on the Extensions tab
  13. Select End Entity from the type list
  14. Click Edit next to Subject Alternative Name
  15. Add any DNS or IP addresses that the certificate will identify
  16. Update the validity dates to fit your needs
  17. Click the Key Usage tab
  18. Under Key Usage select Digital Signature, Key Encipherment
  19. Under Extended Key Usage select Web Server and Web Client Authentication
  20. Click the Netscape tab
  21. Select SSL Server
  22. Click OK to create the certificate

Exporting the Certificate

  1. In XCA, click on the Certificates tab
  2. Right click the SSL certificate > Export > File
  3. Set the file name with a .p12 extension and verify the export format is PKCS #12 (*.p12)
  4. Enter a password to protect the .p12 export

Importing Certificate Into Windows Certificate Store

  1. Right click the Start Button > Run
  2. Type mmc.exe, press enter
  3. Click File > Add/Remove Snap-in...
  4. Click Certificates
  5. Click Add
  6. Select Computer account
  7. Click Next
  8. Select Local computer
  9. Click Finish
  10. Click OK
  11. Expand Certificates
  12. Right click the Personal folder > All Tasks > Import....
  13. Click Next
  14. Click Browse > Select the exported SSL .p12 file > Click Next
  15. Enter the password created for the .p12 export
  16. Verify Include all extended properties is checked
  17. Click Next
  18. Click Next
  19. Click Finish
  20. Double click the newly imported certificate
  21. Select the Details tab > Scrool to the bottom of the details pane
  22. Click the thumbprint line item
  23. Copy the thumbprint value in the lower pane to the clipboard

Applying the Certificate to Windows Admin Center

  1. Download Windows Admin Center Download
  2. Run the downloaded .msi
  3. If WAC is already installed, click the change button
  4. Select the Use an SSL certificate installed on this computer option
  5. Paste in the thumbprint copied from the imported certificate
  6. Click Change to apply the changes