Versions Compared

Version Old Version 18 New Version Current
Changes made by

Alex Barth

Alex Barth

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Request a

...

computer certificate from the Austin CAs via PowerShell

...

  1. Sign into a Windows system joined to the Austin Active Directory where the system has permissions to request a certificate from the desired template.

  2. Start an administrative PowerShell session

...

  2. Run the following commands to define the list for the DNS host names for the certificate request:

    Code Block
    languagepowershell

...

  1. $DnsName =

...

In the same administrative PowerShell session, run the following to format the subject names on the certificate: 

Code Block
$cert_sub = ("CN=" + $cert_url)
If ($cert_san) {$cert_dns = $cert_san + $cert_url} Else {$cert_dns = $cert_url}

...

  1. [System.Collections.Generic.List[System.String]]::new()

  2. Modify then run the following commands to define the required DNS host name and subject for the certificate request: 

    Code Block
    languagepowershell
    $DnsHostName = "hostname.domain"

  3. Run the following commands to define the subject for the certificate request: 

    Code Block
    languagepowershell
    $Subject = "CN=$DnsHostName"

  4. Run the following commands to add the required DNS host name to the list of DNS host names:

    Code Block
    languagepowershell
    $DnsName.Add($DnsHostName)

  5. Modify then run the following commands to add any subject alternate names to the certificate request: 

    Code Block
    languagepowershell
    $DnsName.Add("san1.domain")

  6. Repeat the previous step until all subject alternate names have been added to the certificate request.

  7. Run one of the following commands to define the certificate template:

    • For a Server (10-year duration) certificate

...

    • :

...

    • Code Block
      languagepowershell

...

    • $Template = "Server-10year"

    • For a VMware SSL certificate

...

    • Code Block

...

    • languagepowershell
      $Template = "VMwareSSL6.5"

...

  1. Run the following commands to request the certificate:

    Code Block
    languagepowershell

...

  1. Get-Certificate -Url ldap: -CertStoreLocation "Cert:\LocalMachine\My" -Template

...

  1. $Template -SubjectName

...

  1. $Subject -DnsName

...

  1. $DnsName

Request a user certificate from the Austin CAs via PowerShell

...

  1. Sign into a Windows system joined to the Austin Active Directory as a user with permissions to request a certificate from the desired template

  2. Start an administrative PowerShell session

...

  2. Run one

...

  1. of the following commands to define the certificate template:

...

    • For a Code Signing certificate

...

    • Code Block
      languagepowershell

...

    • $Template = "CodeSigning(Exportable)"

  2. Run the following commands to request the certificate:

    Code Block
    languagepowershell
    Get-Certificate -Url ldap: -CertStoreLocation "Cert:\CurrentUser\My" -Template

...

  1. $Template