How to sign server certificate with Active Directory Certificate Services

You can sign a VisualSVN Server certificate using Active Directory Certificate Services. This certificate will be automatically trusted by all computers in your domain. In order to issue a certificate, you are requested to:

  • Prepare Certificate Signing Request (CSR) using the VisualSVN Server Manager.
  • Sign a certificate using the Active Directory Certificate Services.
  • Import the signed certificate using the VisualSVN Server Manager.

Prepare Certificate Signing Request

In order to prepare Certificate Signing Request, perform the following sequence of actions:

  1. Open VisualSVN Server Manager.
  2. Choose Properties context menu command for the root element.
  3. Switch to the Certificate tab and press the Change Certificate button.
  4. Choose the Prepare certificate request action.
  5. Fill all required fields.
  6. Save the prepared request in a file named visualsvn.req.

It's very important to configure correct value for the Common name field. Common name should exactly match the domain name part of the URL which is used to access your VisualSVN Server. For example, the Common name should be server.example.com if clients access the server using the https://server.example.com/svn/MyRepository/ URL.

Sign a certificate

In order to sign a certificate using the Active Directory Certificate Services it's recommended to use the standard Certreq.exe command-line tool:

  1. Open an elevated command prompt with domain administrative permissions.
  2. Execute the following command line
    certreq -submit -attrib "CertificateTemplate: WebServer" visualsvn.req visualsvn.cer
  3. Choose the appropriate Certification Authority in the dialog box and press the OK button.
  4. If you have domain administrator access permissions, the issued certificate will be saved in a file named visualsvn.cer.

Please contact your system administrators if you do not have domain administrator access permissions.

Import the signed certificate

In order to import the signed certificate, perform the following sequence of actions:

  1. Open VisualSVN Server Manager.
  2. Choose Properties context menu command for the root element.
  3. Switch to the Certificate tab and press the Change Certificate button.
  4. Choose the Complete certificate request action.
  5. Specify the path to the file visualsvn.cer, which contains the signed certificate.
  6. Click the Finish button and Apply the changes.
  7. The signed certificate will be imported and installed in your VisualSVN Server.
Last Modified: