Apr 29 2011

PowerShell: Enterprise CA, Create SAN certificates for IIS7 servers

This post shows how to create a SAN certificate for IIS 7 using an Enterprise PKI. This kind of certificate lets you host multiple SSL sites on a single server. To achieve this with a PowerShell script, we will use PSRemoting and the IIS cmdlets.

We launch the script from the server where we administer the PKI with the ADCS RSAT. We use PSRemoting at several points. First, before sending the certificate request to the Certificate Authority, we use it to create the CSR on the IIS server. Once the certificate is issued, we retrieve it and install it in the IIS 7 server certificate store. Finally, we configure IIS 7 to use this certificate on the default web site.
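
The workflow described above, as an added example that is not the script from the original post: the CSR with its SAN extension is generated on the IIS server over PSRemoting, submitted to the CA from the administration server, then installed and bound remotely. The server, CA and host names and the `WebServer` template choice are placeholders, and the WebAdministration module is assumed to be present on the IIS server.

```powershell
# Added example. All names below are placeholders (assumptions), not values from the post.
$IisServer = 'web01.contoso.local'             # hypothetical IIS 7 server
$CaConfig  = 'ca01.contoso.local\Contoso-CA'   # hypothetical "CAHost\CAName"
$Template  = 'WebServer'                       # assumed to allow a subject supplied in the request
$DnsNames  = 'www.contoso.local', 'shop.contoso.local'

# 1. Build the request policy; extension 2.5.29.17 carries the SAN DNS entries.
#    The SAN travels inside the signed CSR, so the CA needs no EDITF_ATTRIBUTESUBJECTALTNAME2 flag.
$san = ($DnsNames | ForEach-Object { "_continue_ = `"dns=$_&`"" }) -join "`r`n"
$inf = @"
[Version]
Signature = "`$Windows NT`$"
[NewRequest]
Subject = "CN=$($DnsNames[0])"
KeyLength = 2048
Exportable = FALSE
MachineKeySet = TRUE
RequestType = PKCS10
[Extensions]
2.5.29.17 = "{text}"
$san
"@

# 2. Create the key pair and CSR on the IIS server; the private key never leaves it.
$csr = Invoke-Command -ComputerName $IisServer -ArgumentList $inf -ScriptBlock {
    param($Inf)
    Set-Content -Path "$env:TEMP\san.inf" -Value $Inf
    certreq.exe -new "$env:TEMP\san.inf" "$env:TEMP\san.req" | Out-Null
    Get-Content -Path "$env:TEMP\san.req"
}

# 3. Submit the CSR to the Enterprise CA from the administration server.
#    If the template requires manager approval, no .cer is written and step 4 must wait.
Set-Content -Path "$env:TEMP\san.req" -Value $csr
certreq.exe -submit -config $CaConfig -attrib "CertificateTemplate:$Template" "$env:TEMP\san.req" "$env:TEMP\san.cer"
$cer   = Get-Content -Path "$env:TEMP\san.cer"
$thumb = (New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 "$env:TEMP\san.cer").Thumbprint

# 4. Install the issued certificate next to its private key and bind it to the default web site.
Invoke-Command -ComputerName $IisServer -ArgumentList $cer, $thumb -ScriptBlock {
    param($Cer, $Thumb)
    Set-Content -Path "$env:TEMP\san.cer" -Value $Cer
    certreq.exe -accept "$env:TEMP\san.cer" | Out-Null
    Import-Module WebAdministration
    New-WebBinding -Name 'Default Web Site' -Protocol https -Port 443
    Get-Item "Cert:\LocalMachine\My\$Thumb" | New-Item 'IIS:\SslBindings\0.0.0.0!443' | Out-Null
}
```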

Sep 06 2010

Domain Controller certificates: Kerberos Authentication template

When you install a Windows 2008 Certification Authority, a new domain controller certificate template named Kerberos Authentication becomes available. It replaces the Domain Controller Authentication template. For more information about the new certificate templates shipped with a Windows 2008 CA, you can read this article.

Here is a table that outlines the specific attributes of the Domain Controller Authentication and Kerberos Authentication templates:

|  | Domain Controller Authentication | Kerberos Authentication |
|---|---|---|
| Key Usage | Client Authentication, Server Authentication, Smart Card Logon | Client Authentication, Server Authentication, Smart Card Logon, KDC Authentication |
| Subject Alternate Name | DNS Name: Domain Controller FQDN | DNS Name: Domain FQDN; DNS Name: Domain NetBios name |

