Versions Compared

Version Old Version 19 New Version Current
Changes made by

Alex Barth

Alex Barth

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Request a

...

computer certificate from the Austin CAs via PowerShell

  1. Sign into a Windows system joined to the Austin Active Directory where the system has permissions to request a certificate from the desired template.

  2. Start an administrative PowerShell session

...

  1. Run the following commands to define the

...

  1. list for the DNS host names for the certificate request:

...

  1. Code Block
    languagepowershell

...

  1. $DnsName =

...

In the same administrative PowerShell session, run the following to format the subject names on the certificate: 

Code Block
$cert_sub = ("CN=" + $cert_url)
If ($cert_san) {$cert_dns = $cert_san + $cert_url} Else {$cert_dns = $cert_url}

...

  1. [System.Collections.Generic.List[System.String]]::new()

  2. Modify then run the following commands to define the required DNS host name and subject for the certificate request: 

    Code Block
    languagepowershell
    $DnsHostName = "hostname.domain"

  3. Run the following commands to define the subject for the certificate request: 

    Code Block
    languagepowershell
    $Subject = "CN=$DnsHostName"

  4. Run the following commands to add the required DNS host name to the list of DNS host names:

    Code Block
    languagepowershell
    $DnsName.Add($DnsHostName)

  5. Modify then run the following commands to add any subject alternate names to the certificate request: 

    Code Block
    languagepowershell
    $DnsName.Add("san1.domain")

  6. Repeat the previous step until all subject alternate names have been added to the certificate request.

  7. Run one of the following commands to define the certificate template:

    • For a Server (10-year duration) certificate

...

    • :

...

    • Code Block
      languagepowershell

...

    • $Template = "Server-10year"

    • For a VMware SSL certificate

...

    • Code Block

...

    • languagepowershell
      $Template = "VMwareSSL6.5"

...

  1. Run the following commands to request the certificate:

    Code Block
    languagepowershell

...

  1. Get-Certificate -Url ldap: -CertStoreLocation "Cert:\LocalMachine\My" -Template

...

  1. $Template -SubjectName

...

  1. $Subject -DnsName

...

  1. $DnsName

Request a user certificate from the Austin CAs via PowerShell

...

  1. Sign into a Windows system joined to the Austin Active Directory as a user with permissions to request a certificate from the desired template

  2. Start an administrative PowerShell session

...

  2. Run one

...

  1. of the following commands to define the certificate template:

...

    • For a Code Signing certificate

...

    • Code Block
      languagepowershell

...

    • $Template = "CodeSigning(Exportable)"

  2. Run the following commands to request the certificate:

    Code Block
    languagepowershell
    Get-Certificate -Url ldap: -CertStoreLocation "Cert:\CurrentUser\My" -Template

...

  1. $Template