Certificate request for an NPS server

If I need to generate a certificate for an NPS server without an enterprise CA available (and therefore without being able to use a certificate template), I can use this script:

Create a text file and save it as c:\CA\cert.inf:

[Version]
Signature="$Windows NT$"
[NewRequest]
Subject = "CN=domaincontroller.domain.com" ; must be the FQDN of domain controller
; EncipherOnly = FALSE - This is only for Windows 2008 server on Windows 2003 remove ;
Exportable = FALSE  ; TRUE = Private key is exportable
KeyLength = 2048
KeySpec = 1             ; Key Exchange
KeyUsage = 0xA0     ; Digital Signature, Key Encipherment
MachineKeySet = True
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = CMC
[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1 ; Server Authentication
OID=1.3.6.1.5.5.7.3.2 ; Client Authentication


Run the script:

##Run the next command##
C:\CA>certreq -new cert.inf request.req
CertReq: Request Created
##Open Certificate Authority##
1. Go to pending requests and issue the certificate.
2. Open the issued certificate --> Go to details --> Copy to a file --> Save it to c:\CA\server auth cert.cer

##Accept the certificate##
C:\CA>certreq -accept "server auth cert.cer"

##Open Certificates MMC console##
Go to Personal --> Certificates --> find the certificate and check that both Server Authentication and Client Authentication are listed.
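
The same final check can be scripted. The following PowerShell is an added example, not part of the original post. It assumes the certificate was accepted into the local machine store and that $Fqdn matches the CN in the Subject line of cert.inf. It compares the installed certificate with what the request asked for (both EKU OIDs, KeyUsage 0xA0, a 2048-bit RSA key, a bound private key).

```powershell
# Added example: scripted version of the final MMC check.
# Assumption: $Fqdn is the CN used in the Subject line of cert.inf.
$Fqdn = 'domaincontroller.domain.com'

# EKU OIDs requested in [EnhancedKeyUsageExtension]
$requiredEku = [ordered]@{
    '1.3.6.1.5.5.7.3.1' = 'Server Authentication'
    '1.3.6.1.5.5.7.3.2' = 'Client Authentication'
}
# KeyUsage = 0xA0 in cert.inf (Digital Signature 0x80 + Key Encipherment 0x20)
$requiredUsage = 0xA0

$certs = @(Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -like "CN=$Fqdn*" })
if ($certs.Count -eq 0) {
    Write-Warning "No certificate for CN=$Fqdn found in LocalMachine\My"
}

foreach ($cert in $certs) {
    $problems = @()

    # certreq -accept must have bound the certificate to the machine key
    if (-not $cert.HasPrivateKey) { $problems += 'no private key bound' }

    $eku = $cert.Extensions | Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
    $present = @($eku.EnhancedKeyUsages | ForEach-Object { $_.Value })
    foreach ($oid in $requiredEku.Keys) {
        if ($present -notcontains $oid) { $problems += "missing EKU $($requiredEku[$oid])" }
    }

    $ku = $cert.Extensions | Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509KeyUsageExtension] }
    if (-not $ku -or ([int]$ku.KeyUsages -band $requiredUsage) -ne $requiredUsage) {
        $problems += 'key usage lacks Digital Signature / Key Encipherment'
    }

    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
    if (-not $rsa -or $rsa.KeySize -lt 2048) { $problems += 'RSA key shorter than 2048 bits' }

    if ($cert.NotAfter -lt (Get-Date)) { $problems += "expired on $($cert.NotAfter)" }

    # One result object per matching certificate
    [pscustomobject]@{
        Thumbprint = $cert.Thumbprint
        NotAfter   = $cert.NotAfter
        Result     = if ($problems) { $problems -join '; ' } else { 'OK' }
    }
}
```

A Result of OK means the issued certificate carries everything cert.inf requested; anything else lists what the CA dropped or what failed to bind during certreq -accept.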
