(AAD) Certificates - Request certificate from the Austin CAs - Automatic

Open an MMC window
Add the Certificates snap-in
- Note: certain certificates can only be requested by user or computer accounts; set the snap-in account appropriately
Expand Certificates then right click on Personal
Select All Tasks then Request New Certificate...
Click Next then select Active Directory Enrollment Policy
Click Next then check the box next to the name of the desired template
- Utilize VMware SSL 6.5 for any VMware products or interaction
- Utilize Server (10 Year Duration) for long duration use cases (requires permissions from the AD team)
- Utilize Web Server with IPSEC for default use cases that require IPSec (such as printers that need IPsec and HTTPS)
- Utilize Web Server 2048 bit key for all other default cases
Click on Details on the desired template to expand the request information then click Properties
Set the Subject name type drop down to Common name
Set the Subject name value to the FQDN for the certificate then click Add to include the value on the certificate
Set the Alternate name type drop down to DNS name
Set the Alternate name value to the FQDN for the certificate then click Add to include the value on the certificate
Repeat the previous step as necessary to add additional FQDNs to the certificate
Click OK then click Enroll

Open an MMC window
Add the Certificates snap-in
- Note: certain certificates can only be requested by user or computer accounts; set the snap-in account appropriately
Expand Certificates then Certificate Enrollment Requests then Certificates
Right click on the certificate to export and select All tasks... then Export...
Click Next then select Yes, export the private key
Click Next twice
Check the Password box and set a complex password
Click Next
Specify a file name for the certificate request
Click Next then click Finish