It is not always possible to submit a certificate request online to a certification authority (CA). In these instances, you might still be able to submit a certificate request in the form of a PKCS #7 or PKCS #10 file. In general, you use a PKCS #10 file to submit a request for a new certificate and a PKCS #7 file to submit a request to renew an existing certificate.

Users or local Administrators is the minimum group membership required to complete this procedure. Review the details in "Additional considerations" in this topic.

To request a certificate by using a PKCS #10 or PKCS #7 file
  1. Open a Web browser.

  2. Open https://servername/certsrv, where servername is the name of the Web server hosting the CA Web enrollment pages.

  3. Click Request a certificate, and then click Advanced certificate request.

  4. Click Submit a certificate request using a base-64-encoded CMC or PKCS #10 file or Submit a renewal request by using a base-64-encoded PKCS #7 file.

  5. In Notepad, click File, click Open, select the PKCS #10 or PKCS #7 file, click Edit, click Select all, click Edit, and then click Copy. On the Web page, click in the Saved request box. Click Edit, and then click Paste to paste the contents of the certificate request into the box.

  6. If you are connected to an enterprise CA, choose the certificate template that you want to use.

  7. If you have any attributes to add to the certificate request, enter them into Additional Attributes.

  8. Click Submit.

  9. Do one of the following:

    • If the Certificate Pending Web page appears, see Check on a Pending Certificate Request.

    • If the Certificate Issued Web page appears, click Download certificate chain. Save the file to your hard disk, and then import the certificate into your certificate store. For the procedure to import a certificate, see Import a Certificate.

Additional considerations

Additional references