As most UAG customers use certificates, either for their HTTPS trunks or their DA configuration (or both), the topic of certificate management often comes up. While the windows OS does have a built-in certificate management console, many users find it confusing to use, and not always that intuitive. For example, one quirk is that when you use the console to import a certificate, it will often go into the wrong container, making it unusable until you move it to the right place (if you know the right place to begin with…).

To our help comes DigiCert, a company that specializes in digital certificates. In addition to selling certificates, they also offer a utility for management of digital certificates. This tool allows you to view, test, import and export server certificates with a very friendly interface. This is how it looks:

clip_image002

With this tool, you can:

· See all the SSL certificates installed on your server.

· Easily view details for each certificate.

· Fix intermediate certificate problems with one click.

· Import and Export your certificates to make a backup or move them between servers.

· Test a certificate to verify its private key is functional.

· Create certificate signing requests (very useful on UAG and TMG servers)

· Install a certificate to a pending request.

· Repair a certificate whose private key exists on the server but is not correctly associated with the certificate.

Like the idea? Download it from here:

https://www.digicert.com/util/

I should note, though, that in my testing, I’ve found it to be not 100% reliable. In one such case, an imported certificate failed the key test, and in another situation, even though it did pass, UAG would still not accept it. Is it still worth the trouble…to some, I think so. The choice is yours!