Duplicate Certificate template

>> Thursday 28 June 2012

Duplicate Certificate template
I'm deploying NAP and I would like to duplicate a certificate template that is in the certtempl.msc but with commands. I'm using Windows Server 2008 R2.
Is duplicating a template the same as requesting a new template?
If yes, these are the commands I have been trying

In a file csr.inf i typed:

[NewRequest]
Subject="CN=dc1,DC=contoso,DC=com"
Exportable=TRUE
KeyLength=2048
MachineKeySet=TRUE
FriendlyName="Manual Certificate"
KeySpec=1

[EnhancedKeyUsageExtension]
OID=1.3.6.14.1.311.47.1.1

[Extensions]
1.3.6.14.1.311.47.1.1="System Health Authentication"

[RequestAttributes]
CertificateTemplate="Workstation"

and then in then i create the new request
certreq -new csr.inf request.req

after that I try to submit the request using this command
certreq -submit -config - -crl -rpc request.req certFileOut.cert

but i get the following error:
Certificate not issued (Denied) Denied by Policy Module 0x80094800, The request was for a certificate template that is
not supported by the Active Directory Certificate Services policy: 1.3.6.1.4.1.311.21.8.1806387.4854250.11684030.1596675
3.1069840.122.1.30(Workstation Authentication)/Workstation.

Any idea if my approach is correct and if not what is the right approach?
Last edited by MRady : 16-03-2011 at 12:21 AM.
Reply With Quote
#2
Old 20-04-2011
Siddharthr's Avatar
Siddharthr Siddharthr is offline
Member

Join Date: Jan 2007
Posts: 200
Re: Duplicate Certificate template
When you are trying to request for the certificate for OCS , are you using internal 2003 Enterprise CA, you must not use CA's vertsrv site, you must use OCS Management Console. Right-click the server object in the tree and choose the Certificates option which will bring up the OCS Certificate Wizard.
Reply With Quote

Posted by raam at 09:42

0 comments:

Post a Comment

Post a Comment

Subscribe to: Post Comments (Atom)

Read - Share - Comment

About This Blog

Share and Save

About Author