Administrator Guide

Table Of Contents
Figure 72. WAPCerts
The root folders for the Windows Azure Pack websites are named MgmtSvc-*, where * is the name of the Windows Azure Pack
service—for example, MgmtSvc-TenantSite.
In each root level folder, there is a second-level folder that is the name of the VM on which the certicate is installed. This folder
contains the following les:
The exported .pfx le
A Java Script Object Notation (JSON) representation of the certica
te—.json le
A text le wher
e you can view the certicate subject name, expiration date, and other information.
Step 2 Obtain certica
tes from a trusted certication authority and copy
the .cer les to a share
1 If you have not already, obtain one or more certica
tes from a trusted certication authority, as described in
Obtain a Certica
te on
the Microsoft website.
2 On the Console VM, follow the same procedure that you did earlier to create a UNC le shar
e for the trusted certication
authority .cer les. For example, create a le share that is named \\<
Prex
>CON01\TCAShare. Make sure that the <Prex>-System
account has Read/Write permissions.
3 Copy the certica
te (.cer) le or les to the share location.
NOTE: Notice that there may be both a root certica
tion authority certicate and an intermediate certication authority
certicate.
Step 3 Import the trusted root and intermediate certica
tion authority.cer
les to establish the certicate chain on each VM
This step establishes the correct certica
te chain of trust on each VM. A certicate chain consists of all the certicates that are needed to
certify the subject that is identied by the end certicate. For example, an intermediate certication authority certicate is linked to a root
Security 135