Announcement

Collapse
No announcement yet.

RPC over http

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • RPC over http

    Can we use Windows inbuilt Certificate Services for RPC over HTTP feature ?

    If yes, Can you provide me some relevant docs on that ?

    I tried this, but it says certificate is not valid, something like that.

  • #2
    Re: RPC over http

    whenever we use Internal certificate, we need to install the root and the intermediate cert on the workstation which is configured for RPC over HTTP.
    ________
    KENOSHA ENGINE
    Last edited by Dks; 13th March 2011, 00:19.
    Rgds,

    Dks
    MCP E2K3 & MCITP E2K7
    MCITP Enterprise Win2k8

    Comment


    • #3
      Re: RPC over http

      The machine you are connecting from needs to trust the Root CA of your internal domain. Install the certificate in the Local Machine Store under Trusted Root CAs and that should do the job. Same cert as installed on phones for Active Sync if you use that.

      A common mistake is installing the cert into the Local User store rather than the Machine store, which won't work. Can you be more specific with your error message?
      BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
      sigpic
      Cruachan's Blog

      Comment


      • #4
        Re: RPC over http

        you can use an internally generated certificate.. as already noted above.
        We currently have an internal certificate.

        You need to make suer the certificate is trusted, and that you have "only accept certificates with htis principal name" configured on OA settings.
        I use MSSTD:servername.ourdomain.com
        (The external domain rather than te internal)
        Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

        Comment


        • #5
          Re: RPC over http

          thankx cruchan,

          Can you please provide me steps for installing certificate under Local machine store??

          Comment


          • #6
            Re: RPC over http

            There is an amazing web site called
            If you type in a question, it will show you sites with possible answers
            For example (for your question above):
            http://www.google.co.uk/search?hl=en...meta=&aq=f&oq=
            Tom Jones
            MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
            PhD, MSc, FIAP, MIITT
            IT Trainer / Consultant
            Ossian Ltd
            Scotland

            ** Remember to give credit where credit is due and leave reputation points where appropriate **

            Comment


            • #7
              Re: RPC over http

              Originally posted by sachin1361 View Post
              thankx cruchan,

              Can you please provide me steps for installing certificate under Local machine store??
              C'mon dude thats fairly elementry. Export the certificate from your CA. When you double click on it it gives yout the option to install it. Or better yet get your self a commercial certificate thats already trusted by your browser. Much easier and will only cost you a few quid and alot less aggro.

              Comment


              • #8
                Re: RPC over http

                Originally posted by scurlaruntings View Post
                C'mon dude thats fairly elementry. Export the certificate from your CA. When you double click on it it gives yout the option to install it. Or better yet get your self a commercial certificate thats already trusted by your browser. Much easier and will only cost you a few quid and alot less aggro.
                Not quite that elementary, as double-clicking to install a certificate only gives you the option of which heading to place it under in the Logged on User's store, not the machine store.

                To import it into the machine store launch mmc, add the Certificates snap-in for the Local Computer, right click on Trusted Root Certification Authorities, go to all tasks and click Import...
                Run through the wizard to select the certificate and then make sure that Place All Certificates in the following store is selected and the box shows Trusted Root Certification Authorities. Once that's done it should work, assuming the rest of the config is correct.
                BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
                sigpic
                Cruachan's Blog

                Comment


                • #9
                  Re: RPC over http

                  You can do exactly that by double clicking on the certificate click install and then follow the prompts to import it into your Trusted Root. Its exactly the same thing mon fere

                  Comment


                  • #10
                    Re: RPC over http

                    Originally posted by scurlaruntings View Post
                    You can do exactly that by double clicking on the certificate click install and then follow the prompts to import it into your Trusted Root. Its exactly the same thing mon fere
                    Not exactly the same, because then it will only work for the currently logged on user as the certificate will install into their Trusted Root CA store. If the machines are in a domain and configured for auto-enrollment the cert would go into the machine's Trusted Root CA and so work for all users who log onto the machine.

                    Doesn't really matter if only one user will use the machine though.
                    BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
                    sigpic
                    Cruachan's Blog

                    Comment

                    Working...
                    X