1. Install an Enterprise Certificate Authority on a different server to the SEEMS server.
2. From the SEEMS server, log on to the CA web interface and download the CA certificate.
4. Once you are on the Microsoft Certificate page, click on "Download a CA certificate chain or CRL"
5. On the next page click on Download CA Certificate and save it on your local hard drive
6. On the SEEMS server, install the CA certificate as “rootcert.cer” in the “Trusted Root Certification Authorities” certificate store.
How to add the root certificate under "Trusted Root Certificate Authorities"
1. Click Start and go to Run and type MMC
2. Select File and click on Add\Remove Snap-in and add certificate and click Add again
3. Expand "Trusted Root Certification Authorities" and right click on Certification and click on import
5. Click Next and select "Place all certificates in the following store".
Note : By default the Certificate store should be Trusted Root Certification Authorities
6. Click Next and click Finish.
7. Install the SEE Manager server and keep the SEEMS Configuration Wizard default and click OK
8. Open the IIS and under "“Symantec Endpoint Encryption Services” website right click and select Properties
9. Select "Directory security" and click on Server Certificates
10.Choose to generate a new Server certificate
11.Choose “Prepare request now but send it later”.
12.Complete your organizations details:
13.Save the request as “certreq.txt”.
14.Log on to the CA web interface and select “Request a certificate”
15. Click on “Advanced certificate Request”
16. Select the option: "Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file..."
17. Browse for, or copy paste the data from, the file certreq.txt.
18. Ensure that the Certificate Template option “Web Server” is selected.
19. Click Submit and on the next page click on Download Certificate
20. Now open the IIS Manager and go to the Properties of “Symantec Endpoint Encryption Services”. Click on Directory Security and click on Server Certificate.
21. Select Process the pending request and install the certificate
23.Complete the Wizard.
24. Open the SEEMS Configuration Wizard and you will find the Server-Side TLS/SSL Certificate
25. Now click on the Browse on the Client-Side TLS/SSL Certificate and browse to the certificate.
26. Create the Framework client package