New Post: Add SAN names to existing request
Sorry I posted the wrong CSR. In the CSR I had attached, I had added in the SAN information. Below is the CSR I was testing with that through the error.-----BEGIN NEW CERTIFICATE REQUEST-----...
View ArticleNew Post: Add SAN names to existing request
I have run certutil -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2 on my subordinate CA and restarted please, remove this setting immediately. I will check what is wrong with BSTR.
View ArticleNew Post: Add SAN names to existing request
I've removed the setting. I thought it was required if I wanted to add SAN names to CSRs that do not have them in the CSR encoded data.
View ArticleNew Post: Add SAN names to existing request
this setting was necessary to submit SAN as attribute, not authenticated extension. This setting opens a big hole in your PKI, because any request can pass arbitrary SAN value. And impersonate any user.
View ArticleNew Post: Encoding a custom extension so Windows recognizes it
Gents, I have successfully encoded and added a custom extension to requests, which then show flagged as the OID is named in Active Directory. E.g. certutil -f -oid 1.2.3.4.5.6.7.8 "Some Extension" 1033...
View ArticleNew Post: Encoding a custom extension so Windows recognizes it
No, because CryptoAPI has no definition for custom extensions, so it displays their value as hex dump.
View ArticleNew Post: Encoding a custom extension so Windows recognizes it
Thanks Camelot, much appreciated. Then that's the way I will go :)
View ArticleCommented Unassigned: Changes to Module Requirements?? [74]
Hi All,I have been happyily importing and approving Certificates via powershell script until this week, when I get the following error:Import-Module : The specified module 'PSPKI' was not loaded...
View ArticleCommented Unassigned: Changes to Module Requirements?? [74]
Hi All,I have been happyily importing and approving Certificates via powershell script until this week, when I get the following error:Import-Module : The specified module 'PSPKI' was not loaded...
View ArticleNew Post: Accessing Request.Disposition - Bug?
Hi all, I am trying to access the attribute Request.Disposition of a pending request. Funnily enough I can see the attribute if I do the following:$pending = get-pendingrequests -CA $ca -property *...
View ArticleNew Post: Accessing Request.Disposition - Bug?
you have to enclose property name in quotes:$pending."Request.Disposition"
View ArticleNew Post: Import-Module errors with Types on remote share
I am trying to import the module (ModuleVersion = '3.1.0.0') from a remote share. I would like to prevent the need to install the module on multiple workstations for security reasons. I do not get the...
View ArticleCreated Unassigned: Import-Module errors with Types on remote share [83]
(Reposting in the Issues area)I am trying to import the module (ModuleVersion = '3.1.0.0') from a remote share. I would like to prevent the need to install the module on multiple workstations for...
View ArticleCommented Unassigned: Import-Module errors with Types on remote share [83]
(Reposting in the Issues area)I am trying to import the module (ModuleVersion = '3.1.0.0') from a remote share. I would like to prevent the need to install the module on multiple workstations for...
View ArticleNew Post: Appear to be an error with Get-CertificateTemplate when the...
Hello I note then using Get-CertifcateTemplate it throws an error if the DisplayName of the template includes the / character the error it throws is New-Object : Exception calling ".ctor" with "1"...
View ArticleNew Post: Appear to be an error with Get-CertificateTemplate when the...
can you show full invocation line?
View ArticleCreated Unassigned: Appear to be an error with Get-CertificateTemplate when...
HelloI note then using Get-CertifcateTemplate it throws an error if the DisplayName of the template includes the / character the error it throws is New-Object : Exception calling ".ctor" with "1"...
View ArticleNew Post: Appear to be an error with Get-CertificateTemplate when the...
This discussion has been copied to a work item. Click here to go to the work item and continue the discussion.
View ArticleNew Post: Appear to be an error with Get-CertificateTemplate when the...
I fixed this issue (and possible related) in the internal build. thanks for report!
View ArticleNew Post: Appear to be an error with Get-CertificateTemplate when the...
Thanks very much again V all the best I will download the new build when ready (unless already uploaded, will take a look later today) Ernie
View Article