Log on to your CA server Open the Certification Authority console Right-click on Certificate Template and select Manage Double-click the template for which you want to enable approval Select the Issuance Requirements tab Check the box named CA Certificate manager approval
Create a text file and name it for example RequestPolicy.inf. Copy/paste the following text to the file: [Version] Signature=”$Windows NT$” [NewRequest] Subject = “CN=myserver.mycompany.com” KeyLength = 2048 KeySpec = 1 KeyUsage = 0xA0 ProviderName = “Microsoft RSA SChannel Cryptographic Provider” RequestType = PKCS10 FriendlyName = “My application” [EnhancedKeyUsageExtension] OID=1.3.6.1.5.5.7.3.1 ; Server Authentication OID=1.3.6.1.5.5.7.3.2 ; Client […]
Note A SAN cannot be added to a certificate after the certificate has been submitted, issued or enrolled. You can only add it at the time you create the policy file1. Prerequisites You have already created a policy file. Procedure Add following elements to your policy: The Extension section (if it’s not already the case2). […]
Issuing certificates from the command line is usually not a straightforward task that you succeed at first shot. Thus, in order to understand how all this is working, you probably may do some additional tests and import certificates several times through different ways. However, some undocumented behaviors are very misleading, and you will certainly draw […]
Here are the main guidelines with explicit examples. For more information about a particular step, follow the links. Create a request policy file. Use the policy file to create an encoded request file. More about certreq -new. Submit the request file to the Certificate Authority. In return you will get a Request ID number. More about […]
itluke.online 
You must be logged in to post a comment.