I have a problem that I need assistance with. I have a SolarWinds Orion setup on a Windows Server 2019 instance that I am trying to get https binding to work with so i can have the Orion webpage present as secure, but SolarWinds Configuration Wizard does not see the certificate. I've worked with the USAF Certificate helpdesk for the past 6 weeks or so, just to ensure I'm not doing something wrong when creating the CSR for my certificate request and it seems that I'm not doing anything incorrectly. However, maybe you all can help me. I will provide step-by-step playback of everything I've done:
1. I open MMC.exe, add the certificate manager (for local machine) and create a csr as follows (You can see the steps I take on another persons website, such as http://www.mistercloudtech.com/2016/02/04/how-to-request-certificates-using-the-mmc-snapin/):
1a. Expand Personal-->certificates. Right-click certificates-->all tasks-->advanced operations-->create custom request
1b. Select custom request-->proceed without enrollment policy
1c. Select next on the Template page/request format (PKCS #10)
1d. Drop down the arrow on Custom Request and select Properties
1e. On the General tab, i put a friendly name and a description
1f. On the Subject tab, I put in the Common Name as the FQDN, I add Country, State, Locality, Organization, & Organization unit
1g. On the Private Key tab, I change the Key Options to Key Size 2048 and check the Make private key exportable
1h. Click ok, click next, give it a file name and file format=base 64.
2. I submit the request to the AF PKI site, and when I do so, I add a Subject Alternative Name with the short name of the server. For Example Server-Name-01.
3. Upon approval, I download the certificate (.CER), the certificate chain (.P7C) and the the .P7B
4. Back on the SolarWinds server, on the MMC, right-click personal-->certificates and select all tasks-->import
4a. Ensure Local Machine is still selected, click next-->browse to my .CER and click next
4b. Place all certificates in the following store-->Personal, click next, click finish.
5. Open IIS-->expand my server-->expand Sites-->select my SolarWinds site
5a. on the far right, select Bindings-->select my existing https binding and click Edit
5b. Under SSL Certificate, click Select-->select my new certificate-->select OK (Before selecting OK, I click View to ensure the the certificate has a private key that corresponds to this certificate, it does)
6. Open SolarWinds Configuration Manager-->Select Website-->click next
6a. Uncheck the Skip website binding and drop down the certificate selector. The ONLY thing available is Generate Self-Signed Certificate. Obviously, this doesnt work for me - I need it to use the certificate and chain I just installed so that I can give customers a secure web browser.
I appreciate any help!
