Versions Compared

Version Old Version 1 New Version Current
Changes made by

Alex Barth

Alex Barth

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Request a

...

computer certificate from the Austin CAs via PowerShell

...

  1. Sign into a Windows system joined to the Austin Active Directory

...

  1. where the system has permissions to request a certificate from the desired template.

...

  1. Start an administrative PowerShell

...

For a Code Signing certificate, run the following: 

...

  1. session

  2. Run the following commands to define the list for the DNS host names for the certificate request:

    Code Block
    languagepowershell
    $DnsName = [System.Collections.Generic.List[System.String]]::new()

  3. Modify then run the following commands to define the required DNS host name and subject for the certificate request: 

    Code Block
    languagepowershell
    $DnsHostName = "hostname.domain"

  4. Run the following commands to define the subject for the certificate request: 

    Code Block
    languagepowershell
    $Subject = "CN=$DnsHostName"

  5. Run the following commands to add the required DNS host name to the list of DNS host names:

    Code Block
    languagepowershell
    $DnsName.Add($DnsHostName)

  6. Modify then run the following commands to add any subject alternate names to the certificate request: 

    Code Block
    languagepowershell
    $DnsName.Add("san1.domain")

  7. Repeat the previous step until all subject alternate names have been added to the certificate request.

  8. Run one of the following commands to define the certificate template:

    • For a Server (10-year duration) certificate:

      Code Block
      languagepowershell
      $Template = "Server-10year"

    • For a VMware SSL certificate: 

      Code Block
      languagepowershell
      $Template = "VMwareSSL6.5"

  9. Run the following commands to request the certificate:

    Code Block
    languagepowershell
    Get-Certificate -Url ldap: -CertStoreLocation "Cert:\

...

  1. LocalMachine\My" -Template

...

  1. $Template -SubjectName $Subject -DnsName $DnsName

Request a

...

user certificate from the Austin CAs via PowerShell

...

  1. Sign into a Windows system joined to the Austin Active Directory

...

  1. as a user with permissions to request a certificate from the desired template

...

  1. Start an administrative PowerShell

...

Code Block
$cert_subject = <FQDN for the certificate>
$cert_san = @("<FQDN for certificate SAN #1>","<FQDN for certificate SAN #2>",...)

...

  1. session

  2. Run one of the following commands to define the certificate template:

    • For a 

...

    • Code Signing certificate

      Code Block

...

    • languagepowershell
      $Template =

...

    • "CodeSigning(Exportable)"

  2. Run the following commands to request the certificate:

    Code Block
    languagepowershell
    Get-Certificate -Url ldap: -CertStoreLocation "Cert:\

...

  1. CurrentUser\My" -Template

...

  1. $Template