0

I have been looking for days and I can't seem to understand how to use Domain Certificates in IIS. Is there even a point to it? From what I understand, you absolutely cannot change which template it will use and you cannot update the WebServer template. I've messed around with the templates for a while and my websearch-fu is failing me.

There is this answer from 2012 but the links are dead.

The default template has no SAN and a key size of 1024. Both of which are no-go for anything internet facing. What are Domain Certificates for if they aren't trusted to secure web applications?

bendem
  • 1
  • 2
  • It's there because Microsoft couldn't be bothered to remove it? It does seem rather pointless these days. – garethTheRed Jun 23 '23 at 15:28
  • It is not feasible for Microsoft to update IIS Manager after shipping it with a major Windows release, but the world changes too fast and you do notice web browsers start to refuse legacy certificates. So, practically people use other tools to request certificates, such as [certreq](https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/certreq_1) instead. – Lex Li Jun 24 '23 at 00:52

0 Answers0