0

I am requesting a certificate that must be approved by the CA administrator.

When I make the request, it appears in the CA pending request folder and I right click to issue the certificate. In client machine I want doing by PowerShell what I do in certmg.msc(Automatically Enroll and Retrieve Certificates):

Select top node (Certificates), right-click -> All Tasks -> Automatically Enroll and Retrieve Certificates. Follow certificate enrollment wizard to retrieve and install pending certificate.

Dave M
  • 4,514
  • 22
  • 31
  • 30
Elmano Francisco Gonga
  • 1
  • 2
  • and what is the business related question? – djdomi Jul 25 '21 at 12:35
  • I have a script in PowerShell that makes certificate renewal request on a client machine, the script works fine and then I go to my CA to issue the request and then I need to do the similar in PowerShell which is done by certmgr "Automatically Enroll and retrieve certificates " – Elmano Francisco Gonga Jul 26 '21 at 13:16

1 Answers1

1

You can use the -config parameter of certreq to avoid using the GUI.

-retrieve <requestid> Retrieves a response to a previous request from a certificate authority. Pending Requests can be listes with Get-PendingRequest (PowerShell).

For example:

certreq -config "CAHostName\CAName" -retrieve 3499 "d:\test.cer"

Fetches the certificate for request.

certreq -accept "D:\test.cer" -machine

–accept links the previously generated private key with the issued certificate and removes the pending certificate request from the system where the certificate is requested (if there is a matching request).

bjoster
  • 4,805
  • 5
  • 25
  • 33
Ibrahim el Hassan
  • 11
  • 1