New Post: Add Subject Alternate Names to Cert Request

Camelot wrote:

Ok, if you are aware about these risks, then the following syntax must be used:

Submit-CertificateRequest <parameters> -Attribute "san:dns=www.example.com&dns=sip.example.com"

We did the following tests:

1. Submit-CertificateRequest -Path d:\temp\acertRequest.cer -CertificateAuthority $myCA -Attribute 'CertificateTemplate:TestServerInternalStandard','san:dns=testname1.infineon.com&dns=testname2.infineon.com'
   

In this case only the required by the CA Template was taken.

1. Submit-CertificateRequest -Path d:\temp\acertRequest.cer -CertificateAuthority $myCA -Attribute 'san:dns=testname1.infineon.com&dns=testname2.infineon.com','CertificateTemplate:TestServerInternalStandard'
   

In this case only the Sans were taken and not the Template which resulted in an "Requeststatus denied" as our CA requires a Templatename.

Do you have an idea what we got wrong? Our CA is hosted on an Win2008 R2 Server.

Thanks Andreas