Signing a certificate using Microsoft Enterprise Certificate Authority

When using a Microsoft Enterprise CA, the csr generated with OpenSSL can be sent to the Microsoft CA using the following command.

certreq.exe -submit -attrib "CertificateTemplate:<TemplateName>" certRequest.csr

Replace <TemplateName> with the name of the Certificate Template that you want to use. Note if the template is configured to use values from Active Directory, then it will update values in the certRequest.csr with values for the currently logged in user.
If not running the command from the Microsoft CA server machine, then the path to the server may need to be specified. This is done as follows.

certreq.exe -submit -attrib "CertificateTemplate:<TemplateName>" -config "\Test
Certificate Authority" certRequest.csr
Have more questions? Submit a request


Please sign in to leave a comment.
Powered by Zendesk