byt3
asked on
Request A Certificate From Enterprise CA Based On Template Using Powershell
I am trying to find out how I can enroll the local machine with our enterprise CA using powershell.
I know it's possible using certutil, but I am try to avoid having to use StdErr + streamreading to get error messages. I am hoping there is a way with COM Objects, WMI ...
I got as far as this:
The issue I have is figuring out how to tell the certificate request to determine the subject name based on the computer not the user account. Right now I get a certificate issued to the user running the script in the local machine certificate store.
I know it's possible using certutil, but I am try to avoid having to use StdErr + streamreading to get error messages. I am hoping there is a way with COM Objects, WMI ...
I got as far as this:
$TemplateName = "RadiusCertificate"
$Request = New-Object -ComObject X509Enrollment.CX509CertificateRequestPkcs10
$Request.InitializeFromTemplateName(0x02,$TemplateName)
$Enroll = New-Object -ComObject X509Enrollment.CX509Enrollment
$Enroll.InitializeFromRequest($Request)
$Enroll.Enroll()
The issue I have is figuring out how to tell the certificate request to determine the subject name based on the computer not the user account. Right now I get a certificate issued to the user running the script in the local machine certificate store.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.