AD CS on /home/martijnhttps://www.martijnvandijk.net/tags/ad-cs/Recent content in AD CS on /home/martijnHugo -- gohugo.ioen-usMon, 14 Nov 2022 13:55:00 +0100Certreq command snippets for AD CShttps://www.martijnvandijk.net/posts/adcs-certreq-snippets/Mon, 14 Nov 2022 13:55:00 +0100https://www.martijnvandijk.net/posts/adcs-certreq-snippets/This is a brief overview of how to issue certificates with certreq commands. It might be of use for someone administrating an ADCS instance. Issuing a leaf certificate This will create a certificate of the CertTemplateName template. certreq -submit -attrib "CertificateTemplate:CertTemplateName" .\signing_request.csr Issuing an issuing CA template This assumes that the root CA is not running in enterprise CA mode. This command will create an issuing CA certificate valid for 1 (one) year.This is a brief overview of how to issue certificates with certreq commands. It might be of use for someone administrating an ADCS instance.

Issuing a leaf certificate

This will create a certificate of the CertTemplateName template.

certreq -submit -attrib "CertificateTemplate:CertTemplateName" .\signing_request.csr

Issuing an issuing CA template

This assumes that the root CA is not running in enterprise CA mode. This command will create an issuing CA certificate valid for 1 (one) year.

certreq -attrib "CertificateTemplate:SubCA" -attrib "ValidityPeriod:1" -attrib"ValidityPeriodUnits:Years" .\SSL_CERT_R.csr

The certreq tool will then output a RequestId. Look this up in certsrv.msc, approve it and export the certificate.

]]>