Category: PKI / Certificates

Written by Luke

How to create a certificate request policy file

Create a text file and name it for example RequestPolicy.inf. Copy/paste the following text to the file: [Version] Signature=”$Windows NT$” [NewRequest] Subject = “CN=myserver.mycompany.com” KeyLength = 2048 KeySpec = 1 KeyUsage = 0xA0 ProviderName = “Microsoft RSA SChannel Cryptographic Provider” RequestType = PKCS10 FriendlyName = “My application” [EnhancedKeyUsageExtension] OID=1.3.6.1.5.5.7.3.1 ; Server Authentication OID=1.3.6.1.5.5.7.3.2 ; Client […]

Written by Luke

How to add Subject Alternative Names to a certificate

Note A SAN cannot be added to a certificate after the certificate has been submitted, issued or enrolled. You can only add it at the time you create the policy file1. Prerequisites You have already created a policy file. Procedure Add following elements to your policy: The Extension section (if it’s not already the case2). […]

Written by Luke

Tutorial series: How to issue, import, enroll certificates, with or without private key

The procedure for issuing certificates differs depending on the following factors: Is an approval needed? Is the private key needed? Will the certificate be enrolled locally or on another computer? That’s why I decided to write a tutorial for each case and some additional posts concerning certificate’s issuance and enrollment. Complete tutorials: How to issue […]