...
- The requested certificate requires one or more values that are not supported by InCommon certificates such as:
- Lifetimes exceeding 398 days
- EKUs other than Digital Signature and Key Encipherment
- Subject Alternate Names that are not in an approved DNS domain
- Subject Alternate Names that are not DNS addresses such as an IP Address name
...
- Sign in to a computer joined to the Austin Active Directory where the system has computer has permissions to enroll for a certificate from the requested template
Start an administrative PowerShell session as a local administrator
Info Complete any remaining instructions in this PowerShell session unless directed otherwise
Run the following commands to define the certificate request file:
Code Block $path_cerreq = Read-Host -Prompt "Provide the path to the certificate request file" $name_cerreq = Read-Host -Prompt "Provide the name of the certificate request file" $cert_file_req = C:\Content\certificate\custom.req
Run the following commands to retrieve the certificate to be imported:
Code Block $file_req = Get-ChildItem -Path $path_req | Where-Object { $_.Name -Match $name_req } | Sort-Object -Property LastWriteTime | Select-Object -Last 1Run one of the following commands to set the certificate template:
For VMware SSL certificates, run the following:
Code Block $cert_template = "VMwareSSL6.5"
For long-duration server certificates, run the following:
Code Block $cert_template = "Server-10Year"
Run the following commands to define where the signed certificate file will be created using the certificate request file
Code Block $cert$file_file_cer = (Get-Item $cert_file_req).DirectoryName + "\" + (Get-Item $cert_file_req)Join-Path -Path $path_req -ChildPath ($file_req.BaseName + ".cer")
Run the following commands to submit the request to an Austin certificate authority:
Code Block certreq -submit -attrib ("CertificateTemplate:" + $cert_template) $cert$file_file_req $cert_file$file_cer