Duplicate Certificate template
>> Thursday 28 June 2012
Duplicate Certificate template
I'm deploying NAP and I would like to duplicate a certificate template that is in the certtempl.msc but with commands. I'm using Windows Server 2008 R2.
Is duplicating a template the same as requesting a new template?
If yes, these are the commands I have been trying
In a file csr.inf i typed:
[NewRequest]
Subject="CN=dc1,DC=contoso,DC=com"
Exportable=TRUE
KeyLength=2048
MachineKeySet=TRUE
FriendlyName="Manual Certificate"
KeySpec=1
[EnhancedKeyUsageExtension]
OID=1.3.6.14.1.311.47.1.1
[Extensions]
1.3.6.14.1.311.47.1.1="System Health Authentication"
[RequestAttributes]
CertificateTemplate="Workstation"
and then in then i create the new request
certreq -new csr.inf request.req
after that I try to submit the request using this command
certreq -submit -config - -crl -rpc request.req certFileOut.cert
but i get the following error:
Certificate not issued (Denied) Denied by Policy Module 0x80094800, The request was for a certificate template that is
not supported by the Active Directory Certificate Services policy: 1.3.6.1.4.1.311.21.8.1806387.4854250.11684030.1596675
3.1069840.122.1.30(Workstation Authentication)/Workstation.
Any idea if my approach is correct and if not what is the right approach?
Last edited by MRady : 16-03-2011 at 12:21 AM.
Reply With Quote
#2
Old 20-04-2011
Siddharthr's Avatar
Siddharthr Siddharthr is offline
Member
Join Date: Jan 2007
Posts: 200
Re: Duplicate Certificate template
When you are trying to request for the certificate for OCS , are you using internal 2003 Enterprise CA, you must not use CA's vertsrv site, you must use OCS Management Console. Right-click the server object in the tree and choose the Certificates option which will bring up the OCS Certificate Wizard.
Reply With Quote
0 comments:
Post a Comment