Windows Vista - http://www.vistaarticles.com
Web based Certificate Enrollment Operations
http://www.vistaarticles.com/articles/191/1/Web-based-Certificate-Enrollment-Operations
By 
Published on 12/9/2006
 
This article discusses how to use Certificate Services Web enrollment pages together with Windows Vista.

Web based Certificate Enrollment Operations

To install the Windows Server "Longhorn" certificate enrollment Web pages, follow these steps:

1. On the computer where the certification authority is installed, install the Windows Server 2003-based certificate enrollment Web pages.
2. Remove all files and folders except for the following from the %systemroot%\System32\Certsrv folder: The Certdat.inc file
The Certenroll folder
Important We recommend that you back up all the files in the Certsrv folder before you remove them.

Note You must restart the server in safe mode to remove the CertControl directory. After you remove the CertControl directory, restart the server in normal mode, and then go to step 3.
3. Copy the contents of the CertSrv\EN-US folder that is on the computer that is running Windows Server "Longhorn" to the %systemroot%\System32\Certsrv folder on the computer that is running Windows Server 2003.

Note Do not replace the Windows Server 2003-based Certdat.inc file with the Windows Server "Longhorn" version of this file. By default, the Windows Server "Longhorn" Certdat.inc file is not located in the EN-US folder. 
4. On the computer that is running Windows Server 2003, open the Certdat.inc file by using a text editor such as Notepad.
5. Remove the following four entries from the end of this file.            ' control versions
            sXEnrollVersion="5,131,3686,0"
            sScrdEnrlVersion="5,131,3790,1206"
            sScrdW2KVersion="5,131,2195,5583"

The modified file resembles the following.<%' CODEPAGE=65001 'UTF-8%>
<%' certdat.inc - (CERT)srv web - global (DAT)a
  ' Copyright (C) Microsoft Corporation, 1998 - 1999 %>
<%
            ' default values for the certificate request
            sDefaultCompany=""
            sDefaultOrgUnit=""
            sDefaultLocality=""
            sDefaultState=""
            sDefaultCountry=""
           
            ' global state
            sServerType="Enterprise" 'vs StandAlone
            sServerConfig="machinename.domainname.com\test"
            sServerDisplayName="test"
            nPendingTimeoutDays=10
%>
Save the changes to the file, and then exit Notepad.
6. Open each file in the Certsrv folder, and then locate the following entry.<!-- #include FILE="..\certdat.inc"-->
Replace this entry with the following entry.<!-- #include FILE="certdat.inc"-->
 
7. On a computer that is running Windows Server 2003, open the Certsgcl.inc file by using a text editor such as Notepad. Make the following change in the WriteTemplateList() and IsUserTemplateAvailable() functions.

Locate the following LH WebEnrlServer object line:
Set WebEnrlServer=Server.CreateObject("WebEnrlServer.WebEnrlServer.1")
Replace this entry with the following entry to use the Windows Server 2003 SP1 Scrdenrl.dll object:
Set WebEnrlServer=Server.CreateObject("SCrdEnr.SCrdEnr.1")
8. Modify the certificate enrollment Web site to require Secure Sockets Layer (SSL).

Note For a Windows Vista-based client computer or for a Windows Server "Longhorn"-based client computer to use Windows Server "Longhorn" certificate enrollment Web pages, the Web site must use the HTTPS transport. Therefore, you must modify the certificate enrollment Web site to require SSL.