Quantcast
Channel: Public Key Infrastructure PowerShell module
Viewing all articles
Browse latest Browse all 729

New Post: Add SAN names to existing request

April 13, 2015, 7:04 am
$
0
0
I'm trying to use the example on the Set-CertificateExtension page but I'm having an issue and not sure what I'm doing wrong.

Here is the PowerShell code I'm using to add the SAN names

$SANNames = @("mail.shilab.com",
              "autodiscover.shilab.com")

# Create san name collection
$AlternateNames = New-Object Security.Cryptography.X509Certificates.X509AlternativeNameCollection

# Add names to collection
foreach($Name in $SANNames){
    $AlternateNames.Add($(New-Object Security.Cryptography.X509Certificates.X509AlternativeName "DnsName",$Name))
    
}

# Create extension to CSR
$SAN = New-Object Security.Cryptography.X509Certificates.X509SubjectAlternativeNamesExtension $AlternateNames

# Get handle to CA
$CA = Get-CertificationAuthority -ComputerName shilabca1.shilab.local

# Add SAN extension to request
Get-PendingRequest -CertificationAuthority $CA -RequestID 19 | Set-CertificateExtension -Extension $SAN
This is the CSR I submitted to my Subordinate enterprise CA
-----BEGIN NEW CERTIFICATE REQUEST-----
MIIFajCCBFICAQAwVjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5KMREwDwYDVQQH
DAhTb21lcnNldDEPMA0GA1UECgwGU0hJTGFiMRYwFAYDVQQDDA10cy5zaGlsYWIu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAju3jXb3iioe5Gk6W
TLm7Bqas/zI4QpnoyeQ07TT+e1lhD0Agx7zx5Sg0OwLD/RAaYEPLEBMs588cruy7
rJBkwwwCpv8+WNRr5lFLPv/tJ0qP+ywX2DmSJQEgXtNKxTFTPxD2Q4MYfXRNycyy
dLEr6Ecn/zYODvYHdt2BViEkCUWfpio7H1IhUfLSMdWFgTauJ1olprfxeBeo2QNb
nTDNaThIr8K4YUwgE894LtZYDdfZG04M0Okexm0GiGdvvKt3MZBuG4Fk2ml+xIc3
alhMYR1UigtPOd9H7dtqnMJdt3rCVx43cGeJ7MUXRQoLooYS7g5Zkip4+O1uMfaM
PBdO/QIDAQABoIICzTAaBgorBgEEAYI3DQIDMQwWCjYuMi45MjAwLjIwRgYJKwYB
BAGCNxUUMTkwNwIBCQwYc2hpbGFicmRwZ3cuc2hpbGFiLmxvY2FsDA9TSElMQUJc
ZG1hcnF1ZXMMB2NlcnRyZXEwcgYKKwYBBAGCNw0CAjFkMGICAQEeWgBNAGkAYwBy
AG8AcwBvAGYAdAAgAFIAUwBBACAAUwBDAGgAYQBuAG4AZQBsACAAQwByAHkAcAB0
AG8AZwByAGEAcABoAGkAYwAgAFAAcgBvAHYAaQBkAGUAcgMBADB0BgorBgEEAYI3
DQIBMWYwZB4mAEMAZQByAHQAaQBmAGkAYwBhAHQAZQBUAGUAbQBwAGwAYQB0AGUe
OgBTAEgASQBMAGEAYgBTAGEAbgBXAGUAYgBTAGUAcgB2AGUAcgBDAGUAcgB0AGkA
ZgBpAGMAYQB0AGUwggF7BgkqhkiG9w0BCQ4xggFsMIIBaDA9BgkrBgEEAYI3FQcE
MDAuBiYrBgEEAYI3FQiBrMMwhJjnQIfllRDzyB+Ds94egQGG8/hehfeCMgIBZAIB
DDAbBgkrBgEEAYI3FQoEDjAMMAoGCCsGAQUFBwMBMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQgYDVR0RBDswOYINdHMuc2hp
bGFiLmNvbYIPbWFpbC5zaGlsYWIuY29tghdhdXRvZGlzY292ZXIuc2hpbGFiLmNv
bTB4BgkqhkiG9w0BCQ8EazBpMA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAIC
AIAwCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBLTALBglghkgBZQMEAQIwCwYJYIZI
AWUDBAEFMAcGBSsOAwIHMAoGCCqGSIb3DQMHMB0GA1UdDgQWBBShGcjWqMae0RUv
SPstnIGUayi2LzANBgkqhkiG9w0BAQUFAAOCAQEASz4XTD8BuT0A81M/y1CWqfYz
lFbwv8ZftYrldtlugGlcTskH88UKrroLdack6Ll9hSB5nzhKItJxIInq/Ad2++4g
tuPHK6GkWq24NCrl+c/Ks7Twl9AyxRSSOkblpJzXhD42YsaJXKOHaEBBbFzfOTkY
IOZbIt/f7jRNBzqW8F7O5AynoItOKWjfNLCpSQtkarfaz3Rk3fuSLX4XhLG6Sw1G
/x5bUTLweaTWL6UnxBERuxu8EdI5oUZgLWHc+bB7Sm8IuZSs2x83dH8vmFX4HRAi
a4z7FZ2JXA2D3mUYYh19m7TwLZOjAYsGrhpiQ1fCG7EFiLKAiUlIupir4NNnZw==
-----END NEW CERTIFICATE REQUEST-----
The subject name in the CSR is ts.shilab.com. After the certificate is submitted, the SAN extension added and the certificate issued, I apply it to my IIS 8.5 site. When I attempt to access the site by the subject name ts.shilab.com I get an error in IE stating the certificate name doesn't match the name I put in the browser. However, if I use mail.shilab.com or autodiscover.shilab.com it works with no issue. What am I doing wrong? I've tried to add ts.shilab.com to the SAN extension but receive an error when I run Set-CertificateExtension
Search
Viewing all articles
Browse latest Browse all 729

Trending Articles

Bath man appears in court charged with attempted murder of a man...

March 16, 2015, 7:37 am

MACLEAN, Allan

July 30, 2019, 6:00 am

Black Angus Grilled Artichokes

July 16, 2016, 4:37 pm

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

Police blotter for Jan. 12

January 12, 2018, 3:30 am

99 God Status for Whatsapp, Facebook

June 5, 2016, 11:46 pm

Rajasthan Board 12th Science Result 2018 name wise- RBSE 12th commerce result...

May 26, 2018, 9:35 pm

Notorious Naushad of Ippa gang nabbed

July 19, 2019, 6:37 am

Child Kidnapping: Amy McNeil was kidnapped on her way to school by 5 adults;...

February 5, 2017, 10:40 am

Sonible Smartlimit v1.1.5-R2R

April 16, 2024, 7:10 am

NCERT Solutions for Class 9th Sanskrit Chapter 3 पाथेयम्

December 22, 2016, 3:50 am

मतलबी दोस्त स्टेट्स | Matlabi Dost Status in Hindi – Selfish Friends Status

February 13, 2020, 3:12 am

Arrow Flash 2 – Sinhala Dubbed – Episode 23 – 20th March 2016

March 20, 2016, 9:39 am

[GET] AI Traffic Goldmine

July 6, 2025, 4:23 am

[E² Plugin] HDF-Radio

January 26, 2025, 9:02 am

Universal Multi-Patch v1.3 By RADIXX11

January 29, 2018, 2:45 pm

IWAN – Thanks and Praise ( Throw Back Thursday )

March 9, 2016, 11:43 pm

RONALD P SONDERGAARD Arrested by Miami-Dade County Corrections on Mar 03, 2017

March 3, 2017, 6:25 am

मुख मैथुन से उठाएं सेक्स का भरपूर मज़ा, जानें क्या है इसका सही तरीकामुख मैथुन...

May 17, 2020, 2:04 pm

HSSC Excise & Taxation Inspector Result 2017 Scorecard/ Category Wise Merit List

July 29, 2017, 2:44 am
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>