Submit a ticketCall us

Training ClassSign up for Network Performance Monitor (NPM) and Scalability instructor-led classes

Attend our instructor-led classes, provided by SolarWinds® Academy, to discuss the more advanced monitoring mechanisms available in NPM as well as how to tune your equipment to optimize its polling capabilities. NPM classes offered:
NPM Custom Monitoring and Polling
Orion Platform Scalability

Reserve your seat.

Home > Success Center > Server & Application Monitor (SAM) > SAM - Knowledgebase Articles > Unable to create a self-signed certificate

Unable to create a self-signed certificate

Overview

Unable to create a self-signed certificate.

Environment

All SAM versions

Resolution

Do the following steps to manually create a self-signed certificate:

1. Copy this script to Exchange server.

$IPAddress = Read-Host "Enter the IP Address of the Exchange server"
$ExpDays = "3650"
$name = new-object -com "X509Enrollment.CX500DistinguishedName.1"
$name.Encode("$IPAddress_Solarwinds_Exchange_Zero_Configuration", 0)
$key = new-object -com "X509Enrollment.CX509PrivateKey.1"
$key.ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
$key.KeySpec = 1
$key.Length = 1024
$key.SecurityDescriptor = "D:PAI(A;;0xd01f01ff;;;SY)(A;;0xd01f01ff;;;BA)(A;;0x80120089;;;NS)"
$key.MachineContext = 1
$key.Create()
$serverauthoid = new-object -com "X509Enrollment.CObjectId.1"
$serverauthoid.InitializeFromValue("1.3.6.1.5.5.7.3.1")
$ekuoids = new-object -com "X509Enrollment.CObjectIds.1"
$ekuoids.add($serverauthoid)
$ekuext = new-object -com "X509Enrollment.CX509ExtensionEnhancedKeyUsage.1"
$ekuext.InitializeEncode($ekuoids)
$cert = new-object -com "X509Enrollment.CX509CertificateRequestCertificate.1"
$cert.InitializeFromPrivateKey(2, $key, "")
$cert.Subject = $name
$cert.Issuer = $cert.Subject
$cert.NotBefore = get-date
$cert.NotAfter = $cert.NotBefore.AddDays($ExpDays)
$cert.X509Extensions.Add($ekuext)
$cert.Encode()
$enrollment = new-object -com "X509Enrollment.CX509Enrollment.1"
$enrollment.InitializeFromRequest($cert)
$certdata = $enrollment.CreateRequest(0)
$enrollment.InstallResponse(2, $certdata, 0, "")
2. Open a PowerShell session in Administrator context.
3. Change the directory of the PowerShell session to the location of the PowerShell script.
4. Type the name of the script and then press Enter.
5. When prompted, enter the IP address of the Exchange server and then press Enter.

 

 

Last modified

Tags

Classifications

Public