Solved

How to add location info to an SSL CSR using CertReq.exe

Posted on 2014-02-27
3
2,733 Views
Last Modified: 2014-03-20
Hi, I am trying to create a cert request for an IIS 7 website on Server 2008 R2 using CertReq.exe so I can add a Subject Alternate Name. This CSR will be submitted to a 3rd party issuing CA, not an Enterprise CA, and I would normally add the SAN info on the issuers website. Unfortunately the customer wants it done this way.

I'm using a RequestPolicy.inf file that I created based on the following Technet articles:

http://technet.microsoft.com/en-us/library/ff625722%28v=ws.10%29.aspx

http://support.microsoft.com/kb/931351

Everything checks out when I verify the output file (.req), except that I cannot find how to add the folling info to the CSR with CertReq.exe. I dont see this in any of the Technet articles for this tool:

Organization
Organization Unit
City/Local
Country
State/Province
Country

Can someone please provide the proper way to add this info to a CSR using the command line?

Thank you!
0
Comment
Question by:jsnrby
  • 3
3 Comments
 
LVL 29

Expert Comment

by:becraig
ID: 39893610
You will need to do this with a policy file:

[NewRequest]
Subject= "CN=www.domain.com, OU=xxx, O=xxx, L=xxx, S=xxx, C=xx"
Exportable = TRUE
Exportable = TRUE
KeyLength = 2048
KeyUsage = 0xA0
MachineKeySet = True
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = CMC

[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1
OID=1.3.6.1.5.5.7.3.2

2.5.29.17 = "{text}"
_continue_ = "dns=www.domain1.com&dns=www.domain2.com&dns=ww.domain3.com"

Open in new window


Then run a certreq e.g

certreq –new c:\filename-you-saved-above-content-as.inf  C:\filename-of-request-to-be-generated.txt
0
 
LVL 29

Expert Comment

by:becraig
ID: 39896396
Let me know if you have any additional question, though the above info should resolve this for you.
0
 
LVL 29

Accepted Solution

by:
becraig earned 500 total points
ID: 39924715
In the event I was not clearer above:
Subject= "CN=www.domain.com, OU=xxx, O=xxx, L=xxx, S=xxx, C=xx"
maps to
Organization
Organization Unit
City/Local
Country
State/Province
Country
OU= Organizational Unit - O=Organization - L=City\Locality - S=State - C=Country
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
'Cert OK' on www.checkctls.com failed for main mx record 1 34
set url:tel to a website 3 50
WebSite Direction 1 42
Favorites from Mac Safari to Chrome? 4 10
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question