Last post was about how to request and install a server-side certificate in preparation for authenticating WCF service client using client certificate. Once the server-side certificate is in place, it’s time to get the client certificate in order. Here were the steps I took a few days ago for requesting, issuing and installing a client certificate in a Windows 2003 server machine:

1. Went to Http://localhost:8080/CertSrv – >Request a certificate ->Browser certificate
2. Submiited the request by following on-screen instruction (entered Name, e-mail, Company, department and chose key strength, 2048)
3. Went into CA (Start->Administrative tools -> Certificate Authority ->Pending requests folder
4. All tasks -> Issue and issued the client or browser certificate.
5. Went into Issued Certificates folder and double clicked on the certificate request item ->Details – >Copy to file, the “Welcome to the Certificate Export
   wizard” pop up, Next and chose “Based-64 encoded X.509 (.Cer) option, same as the server-side cert created previously, Next
6. Copied to c:\ClientCert.cer, Next and “Completing the Certificate Export wizard” showing “File Name, Export Keys (No), Include all certificates in the certification path (No), File format (base64-coded X.509)”, Finish
7. Went into c:\ClientCert.cer and double clicked to open the Certificate – >Install certificate – >Next – >”Automatically select a certificate store,..” -> Next -> Finish