...
Log into a system joined to the Austin Active Directory where the system has permissions to request a certificate from the desired template
Open Start an administrative PowerShell session then modify and run the following:
Code Block language powershell $cert_url = <FQDN for the certificate> $cert_san = @("<FQDN for certificate SAN #1>","<FQDN for certificate SAN #2>",...)In the same administrative PowerShell session, run one of the following:
For a Server (10 year duration) certificate, run the following:
Code Block language powershell # define the necessary objects based upon the URL and any requested SANs $cert_sub = ("CN=" + $cert_url) If ($cert_san) {$cert_dns = (@($cert_url) + $cert_san) -join ","} Else {$cert_dns = $cert_url} # request the certificate Get-Certificate -Url ldap: -CertStoreLocation "Cert:\LocalMachine\My" -Template "Server-10year" -SubjectName $cert_sub -DnsName $cert_dns
...
- Log into a system joined to the Austin Active Directory as a user with permissions to request a certificate from the desired template
- Open Start an administrative PowerShell prompt session then run one of the following:
For a Code Signing certificate, run the following:
Code Block language powershell # request the certificate for the current user Get-Certificate -Url ldap: -CertStoreLocation "Cert:\CurrentUser\My" -Template "CodeSigning(Exportable)"