Windows – Error when creating a certificate using Windows SDK 7.1 Command Prompt

Tags: adfs, sdk, windows, windows-command-prompt, windows-server-2012

I am a new administrator with very little experience, trying to configure my ADFS to cooperate with a single sign-on solution to cloud-based help desk software to be used internally in my organization. I have installed the Windows 7.1 SDK package on Server 2012, and am now in the process of attempting to make a certificate. The PDF guide is now instructing me to type the following commands into Windows SDK 7.1 command prompt:

makecert -r -pe -n "CN=adfs.yourdomain.com" -b 01/01/2013 -e 01/01/2014 -sky exchange Server.cer
  -sv Server.pvk

(Instead of “adfs.yourdomain.com” give the fully qualified name of the AD FS system in the above command)

pvk2pfx.exe -pvk Server.pvk -spc Server.cer -pfx Server.pfx

After entering command 1.), I enter a password upon being prompted to do so. Next, I enter 2.), at which time it gives me an error message as follows:

ERROR: File not found
Error Code = 0x80070002

My question is two-fold: firstly and most straightforwardly, what is happening here and how do I resolve this issue? Secondly, and more generally, what resources are available to me to familiarize myself with these presently obscure commands? I mean, I don't even know what I'm typing…

Best Answer

Have a look at How to: Create Your Own Test Certificate.

The article explains what all the parameters mean.

e.g. cn is the subject name of your certificate, b is valid from, e is valid to etc.

Or refer to the full MSDN documentation - Makecert.exe (Certificate Creation Tool).

Essentially, you are creating a certificate and then transforming this into a pfx file (which is a type of certificate file that also contains the private key).

If you are using IIS for ADFS (i.e. not 2012 R2), then you can do this with IIS - How to Create a Self Signed Certificate in IIS 7
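
As an added example (not part of the original question, the answer, or the PDF guide), the PowerShell script below runs the two commands from the question with a check after each step, so that a 0x80070002 (ERROR_FILE_NOT_FOUND) from pvk2pfx can be traced to the specific file or tool that is missing. It assumes makecert.exe and pvk2pfx.exe are on PATH, as in the Windows SDK 7.1 Command Prompt, and that the files are written to the current directory; `$Fqdn` is a placeholder.

```powershell
# Added example: the guide's two commands with a check after each step.
# Assumptions: makecert.exe and pvk2pfx.exe are on PATH; files go to the
# current directory; $Fqdn is a placeholder for the AD FS server's FQDN.
$Fqdn = 'adfs.yourdomain.com'
$Cer  = Join-Path $PWD 'Server.cer'
$Pvk  = Join-Path $PWD 'Server.pvk'
$Pfx  = Join-Path $PWD 'Server.pfx'

# 1. Both tools must resolve; show where each one is loaded from.
foreach ($tool in 'makecert.exe', 'pvk2pfx.exe') {
    $cmd = Get-Command $tool -ErrorAction SilentlyContinue
    if (-not $cmd) { throw "$tool was not found on PATH" }
    '{0} -> {1}' -f $tool, $cmd.Path
}

# 2. Create the self-signed certificate. Following makecert's documented
#    syntax, all options (including -sv) come first and the output
#    certificate file comes last, on a single line.
& makecert.exe -r -pe -n "CN=$Fqdn" -b 01/01/2013 -e 01/01/2014 `
    -sky exchange -sv $Pvk $Cer
if ($LASTEXITCODE -ne 0) { throw "makecert exit code: $LASTEXITCODE" }

# 3. pvk2pfx reads both files. Name whichever one is absent instead of
#    letting the tool fail with 0x80070002 (ERROR_FILE_NOT_FOUND).
$missing = @($Cer, $Pvk) | Where-Object { -not (Test-Path -LiteralPath $_) }
if ($missing) { throw "Missing input for pvk2pfx: $($missing -join ', ')" }

# 4. Bundle the certificate and private key into a PFX file.
& pvk2pfx.exe -pvk $Pvk -spc $Cer -pfx $Pfx
if ($LASTEXITCODE -ne 0) { throw "pvk2pfx exit code: $LASTEXITCODE" }

# 5. Confirm the result. Server.pvk and Server.pfx both hold the private
#    key, so store them somewhere access-controlled once this works.
Get-Item -LiteralPath $Pfx | Select-Object FullName, Length, LastWriteTime
```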