Log on to your CA server Open the Certification Authority console Right-click on Certificate Template and select Manage Double-click the template for which you want to enable approval Select the Issuance Requirements tab Check the box named CA Certificate manager approval
Create a text file and name it for example RequestPolicy.inf. Copy/paste the following text to the file: [Version] Signature=”$Windows NT$” [NewRequest] Subject = “CN=myserver.mycompany.com” KeyLength = 2048 KeySpec = 1 KeyUsage = 0xA0 ProviderName = “Microsoft RSA SChannel Cryptographic Provider” RequestType = PKCS10 FriendlyName = “My application” [EnhancedKeyUsageExtension] OID=1.3.6.1.5.5.7.3.1 ; Server Authentication OID=1.3.6.1.5.5.7.3.2 ; Client […]
Note A SAN cannot be added to a certificate after the certificate has been submitted, issued or enrolled. You can only add it at the time you create the policy file1. Prerequisites You have already created a policy file. Procedure Add following elements to your policy: The Extension section (if it’s not already the case2). […]
Issuing certificates from the command line is usually not a straightforward task that you succeed at first shot. Thus, in order to understand how all this is working, you probably may do some additional tests and import certificates several times through different ways. However, some undocumented behaviors are very misleading, and you will certainly draw […]
The procedure for issuing certificates differs depending on the following factors: Is an approval needed? Is the private key needed? Will the certificate be enrolled locally or on another computer? That’s why I decided to write a tutorial for each case and some additional posts concerning certificate’s issuance and enrollment. Complete tutorials: How to issue […]
itluke.online 
You must be logged in to post a comment.