Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ad-certificate-services]

Active Directory Certificate Services is a role first made available in Windows Server 2008. Previously it was known as certificate services.

Active Directory Certificate Services is a set of technologies from Microsoft that offer the ability to create a PKI infrastructure.

Active Directory Certificate Services specific documentation are collated at http://social.technet.microsoft.com/wiki/contents/articles/windows-pki-documentation-reference-and-library.aspx

242 questions
2
votes
0 answers

Windows 2012 CA Web Interface "No certificate templates could be found"

I have an enterprise certificate authority running on a Windows Server 2012 R2 member server. The web interface for the CA has recently started popping up an error each time I go to request a certificate: "No certificate templates could be found.…
Norphus
  • 165
  • 1
  • 3
  • 12
2
votes
1 answer

Is it possible to set the expiration date of a certificate?

I am trying to test certificate validation logic in an installer. I have a test domain with Active Directory Certificate Services installed. Both the domain controller and CertServ are base installations with minimal configuration. Is there a way…
Aaron Carlson
  • 133
  • 8
2
votes
1 answer

Create Windows CA Certificate Template from Command line

As part of installing our product, we are generally required to setup AD and CA services. I found a way to install the CA from the command line: https://technet.microsoft.com/en-us/library/ff849263(v=ws.10).aspx . But is there a way to generate…
cstack
  • 121
  • 4
2
votes
0 answers

Internal EV SSL From A Windows Server 2012 R2 Root CA Shows Up As A Normal Certificate

I am trying to setup an internal ev ssl server for all of my internal applications giving ie the little green bar and chrome displaying my company name. It works fine in IE displaying the green bar as well as the company name, however chrome shows…
Charles Ludlow
  • 121
  • 3
2
votes
1 answer

ASA Certifiate does not match the server name

I am trying to install a certificate on my Cisco ASA 5515. It has my local Windows 2012 CA as a trusted CA. The domain has also had this CA applied to their trusted root. Whenever I try to connect from the outside via anyConnect VPN I get an…
Tony DeJesus
  • 61
  • 1
  • 6
2
votes
1 answer

AD Certificate template - Enroll on behalf of

I'm trying to setup S/MIME for a few users, which requires certificates. I'm not using smartcards, and not using autoenrollment for these certificates. Server is running 2012R2. I created a template that works fine when I manually request a…
Grant
  • 17,859
  • 14
  • 72
  • 103
2
votes
1 answer

Does the auto generated LDAPS cert on a 2012R2 domain controller auto renew?

For a lab/teaching environment, we need to set up a Windows 2012R2 machine as a domain controller, with LDAPS enabled on 636. As we also need ADCS installed, we have just let ADCS auto generate the cert on the LDAPS service. However, the cert…
simon
  • 714
  • 1
  • 7
  • 21
2
votes
3 answers

Issuing own certificates for signing software

We have a windows based infrastructure. Recently I was asked by our software developer if we can issue our own certificates to sign some small programs we're sending to out partners. But I don't fully understand process of doing so. What exactly I…
user3223738
  • 135
  • 4
2
votes
1 answer

Best Certs to use for internal https

I'm helping out a large church with some IT stuff they have lots of internal secure connections, like to the security cameras, or to the UniFi AP controller that want to use https. Of course each of those get an unsafe/not private warning…
wlraider70
  • 133
  • 7
2
votes
1 answer

Is capolicy.inf processed in full (or part) during server install, renewal, and issuing new certs

When installing a Windows CA, capol.inf confuses me. It seems that capol.inf does set defaults for the CA that can otherwise be done using certutil's registry functions (or regedit). It also appears to have a role when renewing a CA cert. Finally,…
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
2
votes
0 answers

How does one create a certificate request for a managed service account in Windows?

I have a managed service account which needs a certificate in its personal store for decryption. I tried opening the Certificates snap-in and pointing to the service, but when I right-click on the "Personal" store the Request New Certificate option…
bshacklett
  • 1,378
  • 4
  • 19
  • 39
2
votes
0 answers

Server 2012, Attempted to Install Certificate Services, now Win-RM is broken

I have two exchange servers, one running Exchange 2007 and one Exchange 2010. On the Exchange 2010 I attempted to install a AD-Certificate role but after installing the role I am unable to run the Post-Deployment Wizard. When the wizard is opened I…
Jon Moody
  • 158
  • 1
  • 7
2
votes
1 answer

Submit a certificate request file from a non domain computer. How to figure out policy server parameters

I'm trying to submit a certificate request. I'm trying to do it from command line so I can run it from code. Previously I have done it by using the Microsoft Active Directory Certificate Services for the CA I'm using. Specifically CA Web enrollment…
Nathan Cooper
  • 123
  • 1
  • 5
2
votes
0 answers

Windows - Replace subject from CSR when issuing certificate

I've received a CSR from a client with a CN, but not with all the subject fields we require. According to this answer from Scott*, it should be possible to specify the final subject values when the CA issues the certificate, taking or leaving CSR…
Bruno
  • 281
  • 1
  • 10
2
votes
2 answers

Can a single ADCS instance "hold" more than one PKI namespace?

I want to save on OS license, simplify CRL renewals and have more than one certificate instance on a given server. For me, this makes sense from a security perspective because I have: One CA that acts as the root, that needs to publish & renew…
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
1 2 3
16 17