Archive

Archive for July, 2010

Windows 2003 Stand alone Certificate Server

July 20, 2010 1 comment

I found the information that Layne posted here:
http://social.technet.microsoft.com/Forums/en-US/operationsmanagerdeployment/thread/7e8dde55-6e55-4109-8da5-85a93fa64ea0
extremely useful when I was onsite the other day. The customer had a windows 2003 stand-alone certificate server and the servers to be monitored had no connectivity to the certificate server.

I found that the standard template that is documented for use with certreq didn’t work. But that the following that Layne gave in his post did the trick.

[Version]
Signature= “$Windows NT$”
[NewRequest]
Subject = “CN=agent.contoso.com,OU=MyOU,O=MyOrg,L=MyCity,S=MyState,C=US”
KeySpec= 1
KeyLength = 1024
KeyUsage = 0xa0
ProviderName = “Microsoft RSA Schannel Cryptographic Provider”
ProviderType = 12
RequestType = PKCS10
Exportable = TRUE
MachineKeySet = TRUE
UseExistingKeySet = FALSE
[EnhancedKeyUsageExtension]
OID = 1.3.6.1.5.5.7.3.1
OID = 1.3.6.1.5.5.7.3.2